From sec-adv at secunia.com Mon Jan 3 10:29:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 3 Jan 2011 19:29:39 +0100 Subject: [SEC] [SA42778] SUSE update for kernel Message-ID: <201101031829.p03ITd6B012858@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA42778 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42778/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42778 RELEASE DATE: 2011-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/42778/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42778/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42778 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS. For more information: SA41263 SA41440 SA41493 SA41650 SA42035 SA42094 SA42148 SA42172 SA42176 SA42187 1) An error within the RDS implementation can be exploited to execute arbitrary code with kernel privileges. SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2011:001: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00000.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 11:29:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 3 Jan 2011 20:29:10 +0100 Subject: [SEC] [SA42801] SUSE update for kernel Message-ID: <201101031929.p03JTAEe003312@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA42801 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42801/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42801 RELEASE DATE: 2011-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/42801/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42801/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42801 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS. For more information: SA41263 SA41284 SA41493 SA41650 SA42035 SA42094 SA42172 SA42176 SA42187 1) An error within the RDS implementation can be exploited to execute arbitrary code with kernel privileges. SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2011:002: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 12:30:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 3 Jan 2011 21:30:12 +0100 Subject: [SEC] [SA42792] Gallarific "id" SQL Injection Vulnerability Message-ID: <201101032030.p03KUCwJ026291@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gallarific "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42792 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42792/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42792 RELEASE DATE: 2011-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/42792/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42792/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42792 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Gallarific, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to gallery.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 2.1. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: AtT4CKxT3rR0r1ST OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 13:30:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 3 Jan 2011 22:30:17 +0100 Subject: [SEC] [SA42772] Fedora update for mantis Message-ID: <201101032130.p03LUHpO016795@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for mantis SECUNIA ADVISORY ID: SA42772 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42772/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42772 RELEASE DATE: 2011-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/42772/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42772/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42772 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mantis. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks and disclose sensitive information. For more information: SA41278 SA42597 SOLUTION: Apply updated packages using the yum utility ("yum update mantis"). ORIGINAL ADVISORY: FEDORA-2010-19070: http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052721.html FEDORA-2010-19078: http://lists.fedoraproject.org/pipermail/package-announce/2010-December/052730.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 14:24:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 3 Jan 2011 23:24:38 +0100 Subject: [SEC] [SA42797] ChurchInfo Multiple Vulnerabilities Message-ID: <201101032224.p03MOca3007040@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: ChurchInfo Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42797 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42797/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42797 RELEASE DATE: 2011-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/42797/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42797/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42797 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in ChurchInfo, which can be exploited by malicious users to conduct SQL injection attacks and malicious people to conduct cross-site request forgery attacks. 1) Input passed via the "WhichType" POST parameter to ListEvents.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can further be exploited to conduct cross-site scripting attacks. 2) The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add another administrative user to the application by tricking a logged-in administrator into visiting a malicious web site. The vulnerabilities are confirmed in version 1.2.12. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: 1) dun 2) An anonymous person. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 14:46:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 3 Jan 2011 23:46:05 +0100 Subject: [SEC] [SA42771] Gimp Multiple Vulnerabilities Message-ID: <201101032246.p03Mk5ct028218@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gimp Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42771 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42771/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42771 RELEASE DATE: 2011-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/42771/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42771/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42771 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in Gimp, which can be exploited by malicious people to compromise a user's system. 1) A boundary error within the "loadit()" function in plug-ins/common/sphere-designer.c of the "Sphere Designer" plugin can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted file via the plugin. 2) Boundary errors within the "load_preset_response()" function in plug-ins/lighting/lighting-ui.c of the "Lighting Effects" plugin can be exploited to cause stack-based buffer overflows by e.g. tricking a user into opening a specially crafted "Lighting preset" file via the plugin. 3) A boundary error within the "gfig_read_parameter_gimp_rgb()" function in plug-ins/gfig/gfig-style.c can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially GFIG file or opening a specially crafted XCF file and subsequently using the GFIG plugin. 4) A boundary error within the "read_channel_data()" function in plug-ins/common/file-psp.c can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a specially crafted PSP file. The vulnerabilities are confirmed in version 2.6.11. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Non Customers Crew ORIGINAL ADVISORY: Debian Bug #608497: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 15:16:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 00:16:12 +0100 Subject: [SEC] [SA42725] Debian update for phpmyadmin Message-ID: <201101032316.p03NGBQZ017383@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for phpmyadmin SECUNIA ADVISORY ID: SA42725 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42725/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42725 RELEASE DATE: 2011-01-03 DISCUSS ADVISORY: http://secunia.com/advisories/42725/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42725/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42725 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for phpmyadmin. This fixes a vulnerability and two weaknesses, which can be exploited by malicious people to conduct spoofing and cross-site scripting attack and disclose system information. For more information: SA42408 SA42485 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2139-1: http://lists.debian.org/debian-security-announce/2010/msg00190.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 15:47:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 00:47:51 +0100 Subject: [SEC] [SA42773] VLC Media Player Real Demuxer Array Indexing Vulnerability Message-ID: <201101032347.p03Nlp6o006689@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: VLC Media Player Real Demuxer Array Indexing Vulnerability SECUNIA ADVISORY ID: SA42773 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42773/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42773 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42773/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42773/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42773 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in VLC Media Player, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an array indexing error within the Real demuxer when processing certain Real Media files, which can be exploited by e.g. tricking a user into opening a specially crafted Real Media file. The vulnerability is reported in version 1.1.5. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: VideoLAN-SA-1007: http://www.videolan.org/security/sa1007.html Launchpad Bug #690173: https://bugs.launchpad.net/ubuntu/maverick/+source/vlc/+bug/690173 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 16:13:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 01:13:34 +0100 Subject: [SEC] [SA42795] Sahana Disaster Management System "sel" SQL Injection Vulnerability Message-ID: <201101040013.p040DYqj028050@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sahana Disaster Management System "sel" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42795 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42795/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42795 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42795/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42795/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42795 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Sahana Disaster Management System, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "sel" parameter to xml.php (when "act" is set to "add_loc") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 0.6.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: dun OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 16:47:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 01:47:26 +0100 Subject: [SEC] [SA42770] HP Photo Creations audio.Record ActiveX Control Buffer Overflow Message-ID: <201101040047.p040lQTX017389@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: HP Photo Creations audio.Record ActiveX Control Buffer Overflow SECUNIA ADVISORY ID: SA42770 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42770/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42770 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42770/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42770/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42770 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in HP Photo Creations, which can be exploited by malicious people to compromise a user's system. For more information: SA42776 The vulnerability is confirmed in build 4281, bundling ContentMan.dll version 1.0.0.4281. Other versions may also be affected. SOLUTION: Update to build 5162, bundling ContentMan.dll version 1.0.0.5162. PROVIDED AND/OR DISCOVERED BY: rgod Additional information provided by Secunia Research. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 17:14:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 02:14:34 +0100 Subject: [SEC] [SA42776] Visan RocketLife audio.Record ActiveX Control Buffer Overflow Message-ID: <201101040114.p041EY4p006415@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Visan RocketLife audio.Record ActiveX Control Buffer Overflow SECUNIA ADVISORY ID: SA42776 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42776/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42776 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42776/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42776/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42776 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in RocketLife, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the bundled audio.Record ActiveX control (ContentMan.dll) when handling the "Resample()" and "ResampleDisp()" methods. This can be exploited to cause a stack-based buffer overflow by passing an overly long "out" string argument. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in build 4272, bundling ContentMan.dll version 1.0.0.4272. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Originally reported in HP Photo Creations by rgod. Additional information provided by Secunia Research. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 17:45:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 02:45:26 +0100 Subject: [SEC] [SA42767] Wireshark ENTTEC Dissector Buffer Overflow Vulnerability Message-ID: <201101040145.p041jQmm027997@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Wireshark ENTTEC Dissector Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42767 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42767/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42767 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42767/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42767/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42767 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error in the "dissect_enttec_dmx_data()" function (epan/dissectors/packet-enttec.c) when processing RLE Compressed DMX data of the ENTTEC protocol. This can be exploited to cause a buffer overflow via a specially crafted packet sent to UDP port 3333. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 1.4.2. Other versions may also be affected. SOLUTION: Fixed in the SVN repository. PROVIDED AND/OR DISCOVERED BY: Reported by non-customers in a Wireshark bug report. ORIGINAL ADVISORY: https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5539 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 18:10:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 03:10:02 +0100 Subject: [SEC] [SA42775] Geeklog Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201101040210.p042A2No016905@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Geeklog Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA42775 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42775/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42775 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42775/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42775/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42775 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Geeklog, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "conf_group", "subgroup", and "sub_group" parameters to admin/configuration.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 1.7.1sr1. SOLUTION: Update to version 1.7.1sr1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Aung Khant, YGN Ethical Hacker Group. ORIGINAL ADVISORY: Geeklog: http://www.geeklog.net/article.php/geeklog-1.7.1sr1 http://project.geeklog.net/cgi-bin/hgwebdir.cgi/geeklog/rev/20a98e6bab20 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 3 18:24:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 03:24:42 +0100 Subject: [SEC] [SA42768] CrawlTrack Unspecified PHP Code Execution Vulnerability Message-ID: <201101040224.p042OgZr005351@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: CrawlTrack Unspecified PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA42768 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42768/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42768 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42768/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42768/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42768 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CrawlTrack, which can be exploited by malicious people to compromise a vulnerable system. Certain unspecified input is not properly sanitised before being used. This can be exploited to execute arbitrary PHP code. Successful exploitation requires that stats are public. The vulnerability is reported in versions prior to 3.2.7. SOLUTION: Update to version 3.2.7. PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person. ORIGINAL ADVISORY: http://www.crawltrack.net/changelog.php http://www.crawltrack.net/forumuk/viewtopic.php?id=1484 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 4 10:31:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 19:31:27 +0100 Subject: [SEC] [SA42806] Fedora update for drupal-views Message-ID: <201101041831.p04IVRnF004792@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for drupal-views SECUNIA ADVISORY ID: SA42806 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42806/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42806 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42806/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42806/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42806 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for drupal-views. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA42651 SOLUTION: Apply updated packages via the yum utility ("yum update drupal-views"). ORIGINAL ADVISORY: FEDORA-2010-18927: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052802.html FEDORA-2010-19009: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052814.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 4 11:30:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 20:30:20 +0100 Subject: [SEC] [SA42798] ImgBurn Insecure Library Loading Vulnerability Message-ID: <201101041930.p04JUKF8027654@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: ImgBurn Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA42798 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42798/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42798 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42798/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42798/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42798 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ImgBurn, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a CUE file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.5.4.0. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: d3c0der ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/97207/imgburn-dllhijack.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 4 12:30:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 21:30:45 +0100 Subject: [SEC] [SA42807] Fedora update for opensc Message-ID: <201101042030.p04KUjRs018182@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for opensc SECUNIA ADVISORY ID: SA42807 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42807/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42807 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42807/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42807/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42807 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for opensc. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA42658 SOLUTION: Apply updated packages via the yum utility ("yum update opensc"). ORIGINAL ADVISORY: FEDORA-2010-19193: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052777.html FEDORA-2010-19192: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052796.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 4 13:30:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 22:30:05 +0100 Subject: [SEC] [SA42810] MediaWiki "Clickjacking" Security Bypass Vulnerability Message-ID: <201101042130.p04LU5qg008647@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: MediaWiki "Clickjacking" Security Bypass Vulnerability SECUNIA ADVISORY ID: SA42810 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42810/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42810 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42810/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42810/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42810 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in MediaWiki, which can be exploited by malicious people to bypass certain security restrictions and conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. compromise a user's account by tricking a user into clicking a specially crafted link via clickjacking. The vulnerability is reported in versions prior to 1.16.1. SOLUTION: Update to version 1.16.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits PleaseStand. ORIGINAL ADVISORY: http://lists.wikimedia.org/pipermail/mediawiki-announce/2011-January/000093.html https://bugzilla.wikimedia.org/show_bug.cgi?id=26561 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 4 14:24:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Jan 2011 23:24:51 +0100 Subject: [SEC] [SA42777] Amoeba CMS Multiple Vulnerabilities Message-ID: <201101042224.p04MOp3P031299@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Amoeba CMS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42777 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42777/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42777 RELEASE DATE: 2011-01-04 DISCUSS ADVISORY: http://secunia.com/advisories/42777/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42777/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42777 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Amoeba CMS, which can be exploited by malicious people to conduct SQL injection and cross-site request forgery attacks. 1) Input passed via the "cpID" parameter to index.php (when "mod" is set to "cat" and "com" is set to e.g. "news") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add another administrative user by tricking a logged-in administrator into visiting a malicious web-site. The vulnerabilities are reported in version 1.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Do not browse untrusted web-sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: 1) mr_me 2) An anonymous person. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 10:30:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Jan 2011 19:30:41 +0100 Subject: [SEC] [SA42790] Music Animation Machine MIDI Player MAMX File Parsing Buffer Overflow Message-ID: <201101051830.p05IUfoB009270@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Music Animation Machine MIDI Player MAMX File Parsing Buffer Overflow SECUNIA ADVISORY ID: SA42790 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42790/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42790 RELEASE DATE: 2011-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/42790/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42790/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42790 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Music Animation Machine MIDI Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when parsing MAMX files and can be exploited to cause a stack-based buffer overflow. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2006aug19 Release 035. Other versions may also be affected. SOLUTION: Do not open untrusted MAMX files. PROVIDED AND/OR DISCOVERED BY: Acidgen ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15901/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 11:30:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Jan 2011 20:30:59 +0100 Subject: [SEC] [SA42786] PhpGedView "pgvaction" Local File Inclusion Vulnerability Message-ID: <201101051930.p05JUxpt032176@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PhpGedView "pgvaction" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA42786 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42786/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42786 RELEASE DATE: 2011-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/42786/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42786/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42786 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in PhpGedView, which can be exploited by malicious people to disclose sensitive information. Input passed via the "pgvaction" parameter to module.php (when "mod" is set to an existing module name) is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 4.2.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: dun OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 12:30:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Jan 2011 21:30:14 +0100 Subject: [SEC] [SA42818] SUSE update for MozillaFirefox, MozillaThunderbird, and Seamonkey Message-ID: <201101052030.p05KUEOp022626@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox, MozillaThunderbird, and Seamonkey SECUNIA ADVISORY ID: SA42818 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42818/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42818 RELEASE DATE: 2011-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/42818/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42818/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42818 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird, and Seamonkey. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system. For more information: SA37242 SA42517 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2011:003: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 13:30:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Jan 2011 22:30:15 +0100 Subject: [SEC] [SA42787] VMware ESX Console OS (COS) Multiple Vulnerabilities Message-ID: <201101052130.p05LUFfC013142@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: VMware ESX Console OS (COS) Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42787 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42787/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42787 RELEASE DATE: 2011-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/42787/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42787/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42787 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged some vulnerabilities in Console OS (COS), which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA40639 SA41316 SA41795 SOLUTION: Apply patches if available. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: VMSA-2011-0001: http://www.vmware.com/security/advisories/VMSA-2011-0001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 14:24:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Jan 2011 23:24:13 +0100 Subject: [SEC] [SA42780] Apache Subversion Two Denial of Service Vulnerabilities Message-ID: <201101052224.p05MODSH003353@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apache Subversion Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA42780 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42780/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42780 RELEASE DATE: 2011-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/42780/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42780/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42780 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Apache Subversion, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error within the "walk()" function in mod_dav_svn/repos.c of the mod_dav_svn module can be exploited to cause a crash. 2) A memory leak when processing the "blame -g" command can be exploited to cause a DoS due to high memory consumption on the server. The vulnerabilities are reported in versions prior to 1.6.15. SOLUTION: Update to version 1.6.15. PROVIDED AND/OR DISCOVERED BY: 1) Rob Kooper 2) Chris Tashjian ORIGINAL ADVISORY: Apache Announcement: http://mail-archives.apache.org/mod_mbox/www-announce/201011.mbox/%3CAANLkTi=5+NOi-Cp=fKCx6mAW-TofFVW=ikEQkXgQB8Bt at mail.gmail.com%3E 1) http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C3923B919-C2BE-41AD-84ED-7207837FAD1A at ncsa.illinois.edu%3E 2) http://mail-archives.apache.org/mod_mbox/subversion-users/201011.mbox/%3C4CD33B61.7030203 at thepond.com%3E OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 14:45:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Jan 2011 23:45:25 +0100 Subject: [SEC] [SA42814] Fedora update for php Message-ID: <201101052245.p05MjP7X024525@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for php SECUNIA ADVISORY ID: SA42814 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42814/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42814 RELEASE DATE: 2011-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/42814/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42814/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42814 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for php. This fixes some security issues and some vulnerabilities, where one has unknown impacts and others can be exploited by malicious users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, potentially disclose sensitive information, and cause a DoS (Denial of Service). For more information: SA41724 SA42135 SOLUTION: Apply updated packages via the yum utility ("yum update php php-eaccelerator maniadrive"). ORIGINAL ADVISORY: FEDORA-2010-19011: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052835.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052836.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052837.html FEDORA-2010-18976: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052843.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052844.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052845.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 15:17:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 00:17:50 +0100 Subject: [SEC] [SA42813] Fedora update for libwmf Message-ID: <201101052317.p05NHoUv013792@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for libwmf SECUNIA ADVISORY ID: SA42813 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42813/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42813 RELEASE DATE: 2011-01-05 DISCUSS ADVISORY: http://secunia.com/advisories/42813/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42813/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42813 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libwmf. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerabilities are caused due to the use of a vulnerable version of the GD library. For more information: SA23916 SA25855 SOLUTION: Apply updated packages using the yum utility ("yum update libwmf"). ORIGINAL ADVISORY: FEDORA-2010-19022: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052854.html FEDORA-2010-19033: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052848.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 15:47:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 00:47:45 +0100 Subject: [SEC] [SA42789] Red Hat update for kernel Message-ID: <201101052347.p05Nlj58003030@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA42789 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42789/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42789 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42789/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42789/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42789 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS. For more information: SA35093 SA41002 SA41440 SA41650 SA42035 SA42061 SA42126 SA42372 1) An error within the SCTP implementation can be exploited to cause a crash by sending specially crafted network traffic. 2) An error within the RDS implementation can be exploited to execute arbitrary code with kernel privileges. 3) The fix for Red Hat Bugzilla bug #484590 (provided in RHSA-2009-1243) introduced a regression, which can be exploited by malicious, local users to cause a DoS. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011-0004: https://rhn.redhat.com/errata/RHSA-2011-0004.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 16:13:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 01:13:35 +0100 Subject: [SEC] [SA42803] cwbiff Command Injection Vulnerability Message-ID: <201101060013.p060DZhM024412@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: cwbiff Command Injection Vulnerability SECUNIA ADVISORY ID: SA42803 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42803/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42803 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42803/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42803/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42803 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in cwbiff, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application not properly sanitising input before using it in a call to "system()". This can be exploited to inject and execute arbitrary shell commands by sending specially crafted emails. The vulnerability is reported in version 0.2.0. Prior versions may also be affected. SOLUTION: Update to version 0.2.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://fkurz.net/ham/cwbiff.html http://fkurz.net/ham/cwbiff/ChangeLog OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 16:47:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 01:47:36 +0100 Subject: [SEC] [SA42779] Microsoft Windows Thumbnail Bitmap Parsing Buffer Overflow Message-ID: <201101060047.p060lasR013758@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Thumbnail Bitmap Parsing Buffer Overflow SECUNIA ADVISORY ID: SA42779 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42779/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42779 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42779/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42779/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42779 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a signedness error in the "CreateSizedDIBSECTION()" function within shimgvw.dll when parsing thumbnail bitmaps. This can be exploited to cause a stack-based buffer overflow via a specially crafted thumbnail image containing a negative "biClrUsed" value. Successful exploitation allows execution of arbitrary code when a user e.g. views a malicious web page or Office document. SOLUTION: The vendor recommends restricting access to shimgvw.dll. PROVIDED AND/OR DISCOVERED BY: Moti and Xu Hao at POC2010 ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/2490606.mspx Metasploit: http://www.metasploit.com/redmine/projects/framework/repository/revisions/11466/entry/modules/exploits/windows/fileformat/ms11_xxx_createsizeddibsection.rb OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 5 17:14:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 02:14:56 +0100 Subject: [SEC] [SA42796] Gentoo update for gif2png Message-ID: <201101060114.p061EuNd002761@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for gif2png SECUNIA ADVISORY ID: SA42796 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42796/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42796 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42796/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42796/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42796 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for gif2png. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA42339 SOLUTION: Update to version "media-gfx/gif2png-2.5.1-r1" or later. ORIGINAL ADVISORY: GLSA 201101-01: http://www.gentoo.org/security/en/glsa/glsa-201101-01.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 10:30:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 19:30:45 +0100 Subject: [SEC] [SA42808] Debian update for nss Message-ID: <201101061830.p06IUjKc031864@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for nss SECUNIA ADVISORY ID: SA42808 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42808/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42808 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42808/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42808/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42808 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for nss. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA38400 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2141-2: http://lists.debian.org/debian-security-announce/2011/msg00002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 11:30:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 20:30:43 +0100 Subject: [SEC] [SA42815] Debian update for libapache2-mod-fcgid Message-ID: <201101061930.p06JUhQP022380@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for libapache2-mod-fcgid SECUNIA ADVISORY ID: SA42815 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42815/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42815 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42815/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42815/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42815 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for libapache2-mod-fcgid. This fixes a security issue, which can be exploited by malicious, local users to potentially gain escalated privileges. For more information: SA42288 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2140-1: http://lists.debian.org/debian-security-announce/2011/msg00000.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 12:30:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 21:30:29 +0100 Subject: [SEC] [SA42811] Debian update for openssl Message-ID: <201101062030.p06KUT4K012867@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for openssl SECUNIA ADVISORY ID: SA42811 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42811/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42811 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42811/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42811/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42811 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for openssl. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data and bypass certain security restrictions. For more information: SA37291 SA42473 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2141-1: http://lists.debian.org/debian-security-announce/2011/msg00001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 13:30:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 22:30:16 +0100 Subject: [SEC] [SA42821] Ubuntu update for evince Message-ID: <201101062130.p06LUGst003329@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for evince SECUNIA ADVISORY ID: SA42821 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42821/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42821 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42821/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42821/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42821 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for evince. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or compromise a user's system. For more information: SA42769 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1035-1: http://www.ubuntu.com/usn/usn-1035-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 14:24:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 23:24:18 +0100 Subject: [SEC] [SA42816] Debian update for apache2 Message-ID: <201101062224.p06MOIPk025993@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for apache2 SECUNIA ADVISORY ID: SA42816 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42816/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42816 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42816/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42816/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42816 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for apache2. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA37291 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2141-1: http://lists.debian.org/debian-security-announce/2011/msg00003.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 14:45:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Jan 2011 23:45:18 +0100 Subject: [SEC] [SA42769] Evince dvi-backend Multiple Vulnerabilities Message-ID: <201101062245.p06MjIiT014745@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Evince dvi-backend Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42769 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42769/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42769 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42769/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42769/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42769 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Evince, which can be exploited by malicious people to compromise a user's system. 1) An array indexing error when parsing PK font files within the "pk_load_font()" function in backend/dvi/mdvi-lib/pk.c can be exploited to corrupt memory by tricking the user into opening or previewing a specially crafted DVI file. 2) An array indexing error when parsing VF font files within the "vf_load_font()" function in backend/dvi/mdvi-lib/vf.c can be exploited to corrupt memory by tricking the user into opening or previewing a specially crafted DVI file. 3) A boundary error when parsing AFM font files within the "token()" function in backend/dvi/mdvi-lib/afmparse.c can be exploited to cause a heap-based buffer overflow by tricking the user into opening or previewing a specially crafted DVI file. 4) An integer overflow error when parsing TFM font files within the "tfm_load_file()" function in backend/dvi/mdvi-lib/tfmfile.c can be exploited to corrupt memory by tricking the user into opening or previewing a specially crafted DVI file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Jon Larimer, IBM X-Force. ORIGINAL ADVISORY: http://git.gnome.org/browse/evince/commit/?id=d4139205b010ed06310d14284e63114e88ec6de2 https://bugzilla.redhat.com/show_bug.cgi?id=666313 https://bugzilla.redhat.com/show_bug.cgi?id=666314 https://bugzilla.redhat.com/show_bug.cgi?id=666318 https://bugzilla.redhat.com/show_bug.cgi?id=666321 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 15:11:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 00:11:14 +0100 Subject: [SEC] [SA42819] Novell Identity Manager Cross-Site Scripting Vulnerability Message-ID: <201101062311.p06NBEje003699@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Novell Identity Manager Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA42819 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42819/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42819 RELEASE DATE: 2011-01-06 DISCUSS ADVISORY: http://secunia.com/advisories/42819/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42819/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42819 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell Identity Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input passed to the "Approval Form" is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in Identity Manager Roles Based Provisioning Module 3.7.0 (User Application 3.7.0) prior to Field Patch 370D. SOLUTION: Apply Field Patch 370D. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5085293.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 15:46:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 00:46:56 +0100 Subject: [SEC] [SA42824] Fedora update for pidgin Message-ID: <201101062346.p06Nkuj5025616@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for pidgin SECUNIA ADVISORY ID: SA42824 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42824/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42824 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42824/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42824/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42824 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA42732 SOLUTION: Apply updated packages via the yum utility ("yum update pidgin"). ORIGINAL ADVISORY: FEDORA-2010-19314: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052862.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 16:13:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 01:13:25 +0100 Subject: [SEC] [SA42764] WordPress Pierre's Wordspew Plugin SQL Injection Vulnerabilities Message-ID: <201101070013.p070DPGv014621@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress Pierre's Wordspew Plugin SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA42764 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42764/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42764 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42764/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42764/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42764 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in the Pierre's Wordspew plugin for WordPress, which can be exploited by malicious users and malicious people to conduct SQL injection attacks. Input passed via the "jal_lastID" and "tb" parameters to wp-content/plugins/pierres-wordspew/wordspew.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 5.61. Other versions may also be affected. SOLUTION: Upgrade to version 6.0 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits Kevin Fernandez. ORIGINAL ADVISORY: http://wordpress.org/extend/plugins/pierres-wordspew/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 16:48:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 01:48:28 +0100 Subject: [SEC] [SA42791] TIBCO Collaborative Information Manager / ActiveCatalog Multiple Vulnerabilities Message-ID: <201101070048.p070mSWA003967@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: TIBCO Collaborative Information Manager / ActiveCatalog Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42791 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42791/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42791 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42791/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42791/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42791 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in TIBCO Collaborative Information Manager and TIBCO ActiveCatalog, which can be exploited by malicious people to conduct session fixation attacks, disclose potentially sensitive information, conduct cross-site scripting attacks, manipulate certain data, and conduct SQL injection attacks. 1) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) An unspecified error when handling certain specially crafted URLs can be exploited to disclose or manipulate certain data. 4) An unspecified error within the handling of sessions and can be exploited to hijack another user's session. The vulnerabilities are reported in TIBCO Collaborative Information Manager prior to version 8.1.0 and TIBCO ActiveCatalog prior to version 1.0.1. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.tibco.com/multimedia/cim_advisory_20110105_tcm8-12765.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 6 17:14:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 02:14:08 +0100 Subject: [SEC] [SA42788] SAP Management Console Two Vulnerabilities Message-ID: <201101070114.p071E8X1025345@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SAP Management Console Two Vulnerabilities SECUNIA ADVISORY ID: SA42788 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42788/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42788 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42788/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42788/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42788 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Jordan Santarsieri has reported some vulnerabilities in SAP KERNEL, which can be exploited by malicious people to disclose sensitive information and cause a DoS (Denial of Service). 1) An error in certain methods in the "sapstartsrv" SOAP server can be exploited to disclose sensitive information e.g. the list of log files and their content, profile parameters, and developer traces. 2) An error exists in the SAP Management Console while processing administration commands, which can be exploited to restart the service. The vulnerabilities are reported in the following components: * SAP KERNEL RELEASE 6.40 * SAP KERNEL RELEASE 7.00 * SAP KERNEL RELEASE 7.01 * SAP KERNEL RELEASE 7.10 * SAP KERNEL RELEASE 7.11 * SAP KERNEL RELEASE 7.20 SOLUTION: Patches are available via SAP Note 1439348. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Jordan Santarsieri, Onapsis. ORIGINAL ADVISORY: http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-001 http://www.onapsis.com/resources/get.php?resid=adv_onapsis-2011-002 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 10:30:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 19:30:23 +0100 Subject: [SEC] [SA42836] ApPHP PHP MicroCMS Cross-Site Request Forgery Vulnerability Message-ID: <201101071830.p07IUNA7027934@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: ApPHP PHP MicroCMS Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA42836 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42836/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42836 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42836/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42836/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42836 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ApPHP PHP MicroCMS, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests, without making proper validity checks to verify the requests. This can be exploited to e.g. change the administrator's password by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerability is confirmed in version 1.0.1 (2011-01-07). Other versions may also be affected. SOLUTION: Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB22765: http://www.htbridge.ch/advisory/xsrf_csrf_in_php_microcms.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 11:30:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 20:30:16 +0100 Subject: [SEC] [SA42828] Ubuntu update for apparmor Message-ID: <201101071930.p07JUGPU018433@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for apparmor SECUNIA ADVISORY ID: SA42828 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42828/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42828 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42828/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42828/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42828 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for apparmor. This fixes a weakness, which can be exploited to bypass certain security restrictions. The weakness is causes due to an error when parsing certain malformed profiles, which can lead to AppArmor's parser generating policies with unconfined fallback execute transitions. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1039-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001222.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 12:30:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 21:30:37 +0100 Subject: [SEC] [SA42809] Piwik Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201101072030.p07KUbfP008948@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Piwik Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA42809 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42809/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42809 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42809/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42809/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42809 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Piwik, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified input is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in versions prior to 1.1. SOLUTION: Update to version 1.1 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits Stefan Esser, SektionEins. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 13:30:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 22:30:43 +0100 Subject: [SEC] [SA42831] Ubuntu update for dpkg Message-ID: <201101072130.p07LUhm1031839@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for dpkg SECUNIA ADVISORY ID: SA42831 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42831/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42831 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42831/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42831/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42831 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for dpkg. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data or compromise a vulnerable system. For more information: SA42826 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1038-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001219.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 14:24:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 23:24:38 +0100 Subject: [SEC] [SA42847] Red Hat update for evince Message-ID: <201101072224.p07MOcw2022067@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for evince SECUNIA ADVISORY ID: SA42847 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42847/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42847 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42847/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42847/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42847 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for evince. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA42769 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0009-1: https://rhn.redhat.com/errata/RHSA-2011-0009.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 14:45:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 7 Jan 2011 23:45:41 +0100 Subject: [SEC] [SA42845] WonderCMS Cross-Site Scripting and Request Forgery Vulnerabilities Message-ID: <201101072245.p07MjfeK010817@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WonderCMS Cross-Site Scripting and Request Forgery Vulnerabilities SECUNIA ADVISORY ID: SA42845 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42845/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42845 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42845/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42845/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42845 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in WonderCMS, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. 1) Input passed via the "content" parameter to editText.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. edit posts and slogans by tricking the logged in administrator into visiting a malicious web site. NOTE: This can further be exploited to conduct script insertion attacks. The vulnerabilities are confirmed in version 0.3.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA Additional information about cross-site request forgery provided by Secunia Research. ORIGINAL ADVISORY: HTB22759: http://www.htbridge.ch/advisory/xss_vulnerability_in_wondercms.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 15:18:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 00:18:35 +0100 Subject: [SEC] [SA42799] Openfire Multiple Vulnerabilities Message-ID: <201101072318.p07NIZgb032506@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Openfire Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42799 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42799/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42799 RELEASE DATE: 2011-01-07 DISCUSS ADVISORY: http://secunia.com/advisories/42799/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42799/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42799 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in Openfire, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input passed via the "username" parameter to login.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "username" parameter to security-audit-viewer.jsp, via the "username", "name", and "email" parameters to user-create.jsp, via the "username" and "nickname" (when the "jid" and "username" parameters are set to a non-NULL value and the "add" parameter is set) parameters to user-roster-add.jsp, via the "username" parameter to user-roster.jsp, via the "username" parameter to user-lockout.jsp, via the "name" and "description" parameters (when "create" is set) to group-create.jsp, via the "group" parameter to group-edit.jsp, via the "group" parameter to group-delete.jsp, and via the "roomJID" parameter to muc-room-delete.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "criteria" parameter to plugins/search/advance-user-search.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of vulnerability #3 requires that the "Search" plugin is installed. 4) Input passed via the "urlName", "url", and "groups" parameters (when "type" is set to "url" and "createURLBookmark" is set to "Create") to plugins/clientcontrol/create-bookmark.jsp, and via the "optionalMessage" parameter to plugins/clientcontrol/spark-form.jsp (when "submit" is set to a non-NULL value) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of vulnerability #4 requires that the "Client Control" plugin is installed. 5) The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add an administrative user to the application by tricking an administrator into visiting a malicious web site while being logged-in to the application. NOTE: This can further be exploited to conduct script insertion attacks. The vulnerabilities are confirmed in version 3.6.4. Other versions may also be affected. SOLUTION: Vulnerability #1 has been fixed in version 3.7.0 beta. Do not browse untrusted web sites while being logged-in to the application. Filter malicious characters and character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: Riyaz Ahemed Walikar, Microland Limited. ORIGINAL ADVISORY: http://community.igniterealtime.org/blogs/ignite/2010/08/26/openfire-370-beta-is-released http://archives.neohapsis.com/archives/bugtraq/2011-01/0014.html http://archives.neohapsis.com/archives/bugtraq/2011-01/0015.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 15:48:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 00:48:19 +0100 Subject: [SEC] [SA42826] Debian update for dpkg Message-ID: <201101072348.p07NmJsG021748@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for dpkg SECUNIA ADVISORY ID: SA42826 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42826/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42826 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42826/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42826/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42826 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for dpkg. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data or compromise a vulnerable system. 1) The dpkg-source component does not properly handle paths in patches when unpacking version "3.0 quilt" source packages, which can be exploited to modify arbitrary files outside of the intended destination directory. 2) The dpkg-source component incorrectly follows symlinks in the ".pc" directory when unpacking version "3.0 quilt" source packages, which can be exploited to modify arbitrary files outside of the intended destination directory. SOLUTION: Apply updated packages via the apt-get package manager. PROVIDED AND/OR DISCOVERED BY: 1) Jakub Wilk 2) Rapha?l Hertzog ORIGINAL ADVISORY: DSA-2142-1: http://lists.debian.org/debian-security-announce/2011/msg00004.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 16:13:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 01:13:52 +0100 Subject: [SEC] [SA42802] StageTracker SetList Processing Buffer Overflow Vulnerability Message-ID: <201101080013.p080Dqo2010693@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: StageTracker SetList Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42802 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42802/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42802 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42802/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42802/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42802 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in StageTracker, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to a boundary error when processing entries from a SetList file and can be exploited to cause a heap-based buffer overflow via an overly long string. Successful exploitation may allow execution of arbitrary code, but requires tricking a user into playing the specially crafted set entry. The vulnerability is confirmed in version 2.5. Other versions may also be affected. SOLUTION: Do not open SetList files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: freak_out OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 16:47:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 01:47:43 +0100 Subject: [SEC] [SA42840] Enzip File Processing Buffer Overflow Vulnerability Message-ID: <201101080047.p080lhGF032428@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Enzip File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42840 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42840/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42840 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42840/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42840/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42840 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Enzip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing file name entries inside an archive. This can be exploited to cause a heap-based buffer overflow via an overly long file name entry in a specially crafted ZIP archive. Successful exploitation allows execution of arbitrary code, but requires tricking a user into extracting the archive's contents. The vulnerability is confirmed in version 3.00. Other versions may also be affected. SOLUTION: Do not extract archive files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: C4SS!0 G0M3S OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 17:14:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 02:14:33 +0100 Subject: [SEC] [SA42825] BlogEngine.NET Arbitrary File Upload Privilege Escalation Message-ID: <201101080114.p081EX0N021438@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: BlogEngine.NET Arbitrary File Upload Privilege Escalation SECUNIA ADVISORY ID: SA42825 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42825/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42825 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42825/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42825/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42825 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been discovered in BlogEngine.NET, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused due to the "api/BlogImporter.asmx" script not properly validating uploaded files via the "GetFile" function. This can be exploited to execute arbitrary ASP code by uploading an ASP file. The security issue is confirmed in version 1.6.1.0. Other versions may also be affected. SOLUTION: Upgrade to version 2.0. PROVIDED AND/OR DISCOVERED BY: Deniz CEVIK ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-01/0013.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 17:45:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 02:45:39 +0100 Subject: [SEC] [SA42837] Phenotype CMS "store()" SQL Injection Vulnerability Message-ID: <201101080145.p081jdmB010628@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Phenotype CMS "store()" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42837 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42837/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42837 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42837/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42837/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42837 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Phenotype CMS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed e.g. via the URL to Gallery/gal_id/1/image1,1.html is not properly sanitised in the "store()" function in _phenotype/system/class/PhenoTypeDataObject.class.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 3.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: http://www.htbridge.ch/advisory/sql_injection_in_phenotype_cms.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 18:10:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 03:10:59 +0100 Subject: [SEC] [SA42759] pimd Insecure Temporary Files Security Issues Message-ID: <201101080210.p082Axkh031979@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: pimd Insecure Temporary Files Security Issues SECUNIA ADVISORY ID: SA42759 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42759/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42759 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42759/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42759/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42759 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two security issues have been discovered in pimd, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issues are caused due to pimd creating the "/var/tmp/pimd.dump" and "/var/tmp/pimd.cache" files in an insecure manner, which can be exploited to e.g. overwrite arbitrary files via symlink attacks. The security issues are confirmed in version 2.1.5. Other versions may also be affected. SOLUTION: Restrict access to trusted users. PROVIDED AND/OR DISCOVERED BY: Reported to the Debian project by an unknown person. ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/01/07/3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 18:45:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 03:45:37 +0100 Subject: [SEC] [SA42846] Fedora update for collectd Message-ID: <201101080245.p082jbKY021340@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for collectd SECUNIA ADVISORY ID: SA42846 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42846/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42846 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42846/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42846/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42846 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for collectd. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA42393 SOLUTION: Apply updated packages via the yum utility ("yum update collectd"). ORIGINAL ADVISORY: FEDORA-2010-19031: https://admin.fedoraproject.org/updates/collectd-4.9.4-1.fc14 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 19:13:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 04:13:12 +0100 Subject: [SEC] [SA42842] Mono ASP.NET Source Code Disclosure Vulnerability Message-ID: <201101080313.p083DCJY012009@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Mono ASP.NET Source Code Disclosure Vulnerability SECUNIA ADVISORY ID: SA42842 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42842/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42842 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42842/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42842/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42842 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Mono, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error within the "mod_mono" module and can be exploited to disclose the source code of ASPX scripts. The vulnerability is reported in versions prior to 2.8.2. SOLUTION: Update to version 2.8.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.mono-project.com/Vulnerabilities#XSP.2Fmod_mono_source_code_disclosure OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 19:45:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 04:45:24 +0100 Subject: [SEC] [SA42844] Fedora update for wordpress Message-ID: <201101080345.p083jO6S001195@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for wordpress SECUNIA ADVISORY ID: SA42844 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42844/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42844 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42844/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42844/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42844 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wordpress. This fixes a vulnerability, which can be exploited by malicious users to conduct SQL injection attacks. For more information: SA42431 SOLUTION: Apply updated packages via the yum utility ("yum update wordpress"). ORIGINAL ADVISORY: FEDORA-2010-19290: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052892.html FEDORA-2010-19296: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052879.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 20:10:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 05:10:06 +0100 Subject: [SEC] [SA42827] Ubuntu update for python-django Message-ID: <201101080410.p084A6Bf022567@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for python-django SECUNIA ADVISORY ID: SA42827 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42827/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42827 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42827/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42827/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42827 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for python-django. This fixes two security issues, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service). For more information: SA42715 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1040-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001223.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 20:24:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 05:24:46 +0100 Subject: [SEC] [SA42841] Apple Mac OS X PackageKit Format String Vulnerability Message-ID: <201101080424.p084Ok9w011030@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apple Mac OS X PackageKit Format String Vulnerability SECUNIA ADVISORY ID: SA42841 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42841/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42841 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42841/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42841/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42841 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Mac OS X, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a format string error when handling distribution scripts during Software Update checks and can be exploited to corrupt memory. Successful exploitation may allow execution of arbitrary code, but requires that it's possible to intercept traffic e.g. via Man-in-the-Middle (MitM) attacks. The vulnerability is reported in versions 10.6 through 10.6.5 of Mac OS X and Mac OS X Server. SOLUTION: Apply 10.6.6 updates. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Aaron Sigel, vtty.com. ORIGINAL ADVISORY: http://support.apple.com/kb/HT4498 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 20:45:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 05:45:52 +0100 Subject: [SEC] [SA42838] F3Site 2010 Cross-Site Request Forgery Vulnerability Message-ID: <201101080445.p084jqU4032177@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: F3Site 2010 Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA42838 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42838/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42838 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42838/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42838/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42838 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in F3Site 2010, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add an administrative user by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerability is confirmed in version 2010. Other versions may also be affected. SOLUTION: Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB22757: http://www.htbridge.ch/advisory/xsrf_csrf_in_f3site.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 7 21:10:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 8 Jan 2011 06:10:53 +0100 Subject: [SEC] [SA42822] concrete5 Cross-Site Request Forgery Vulnerability Message-ID: <201101080510.p085Aruo021114@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: concrete5 Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA42822 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42822/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42822 RELEASE DATE: 2011-01-08 DISCUSS ADVISORY: http://secunia.com/advisories/42822/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42822/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42822 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in concrete5, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add a scrapbook entry by tricking a logged-in administrator into visiting a malicious web site. NOTE: This can further be exploited to perform script insertion attacks. The vulnerability is confirmed in version 5.4.1.1. Other versions may also be affected. SOLUTION: Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Tomjon OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 10:31:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 10 Jan 2011 19:31:37 +0100 Subject: [SEC] [SA42874] SGI IRIX "syssgi()" System Call Signedness Error Vulnerability Message-ID: <201101101831.p0AIVb3X012203@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SGI IRIX "syssgi()" System Call Signedness Error Vulnerability SECUNIA ADVISORY ID: SA42874 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42874/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42874 RELEASE DATE: 2011-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/42874/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42874/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42874 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SGI IRIX, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service). The vulnerability is caused due to a signedness error within the "syssgi()" system call when processing the request value "SGI_XLV_ATTR_GET" with the request attribute value "XLV_ATTR_STATS". This can be exploited to e.g. disclose kernel memory or cause a kernel panic. The vulnerability is reported in version 6.5.0. Other versions may also be affected. SOLUTION: Apply the patch. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Neil Kettle, Digit Security Ltd ORIGINAL ADVISORY: Neil Kettle: http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0104.html SGI: https://support.sgi.com/content_request/914341/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 11:31:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 10 Jan 2011 20:31:27 +0100 Subject: [SEC] [SA42858] Zwii "set[template][value]" Local File Inclusion Vulnerability Message-ID: <201101101931.p0AJVRjj002666@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Zwii "set[template][value]" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA42858 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42858/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42858 RELEASE DATE: 2011-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/42858/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42858/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42858 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Zwii, which can be exploited by malicious people to disclose sensitive information. Input passed via the "set[template][value]" parameter to system/system.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled and "register_globals" is enabled. The vulnerability is reported in version 2.1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Abdi Mohamed OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 12:33:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 10 Jan 2011 21:33:36 +0100 Subject: [SEC] [SA42861] Sahana Disaster Management System Multiple Vulnerabilities Message-ID: <201101102033.p0AKXarq025700@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sahana Disaster Management System Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42861 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42861/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42861 RELEASE DATE: 2011-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/42861/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42861/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42861 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities and a security issue have been discovered in Sahana Disaster Management System, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system. 1) Input passed via the "mod", "stream_type" and "mod" (when "act" is set to "adm") parameters to stream.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. 2) The application incorrectly restricts access to the "admin" module. This can be exploited to disclose configuration information and compromise a vulnerable system by uploading malicious PHP scripts. The vulnerabilities are confirmed in version 0.6.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. Restrict access to the mod/admin/ directory (via e.g. .htaccess). PROVIDED AND/OR DISCOVERED BY: dun OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 13:30:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 10 Jan 2011 22:30:21 +0100 Subject: [SEC] [SA42833] Joomla! Joomla Captcha Plugin "lng" Information Disclosure Vulnerability Message-ID: <201101102130.p0ALULbq016046@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Joomla! Joomla Captcha Plugin "lng" Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA42833 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42833/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42833 RELEASE DATE: 2011-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/42833/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42833/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42833 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Joomla Captcha plugin for Joomla!, which can be exploited by malicious people to disclose potentially sensitive information. Input passed via the "lng" parameter to plugins/system/captcha/playcode.php is not properly verified before being used. This can be exploited to read the contents of arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 4.5.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: dun OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 14:24:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 10 Jan 2011 23:24:28 +0100 Subject: [SEC] [SA42829] WordPress Mingle Forum Plugin Security Bypass and SQL Injection Vulnerabilities Message-ID: <201101102224.p0AMOShV006287@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress Mingle Forum Plugin Security Bypass and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA42829 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42829/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42829 RELEASE DATE: 2011-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/42829/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42829/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42829 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Charles Hooper has reported multiple vulnerabilities in the Mingle Forum plugin for WordPress, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct SQL injection attacks. 1) An error when updating forum posts can be exploited to edit any post by browsing directly to the Edit Post page (e.g. set "mingleforumaction" to "editpost" and "id" to a valid post id). 2) Input passed via the "topic" parameter to wp-content/plugins/mingle-forum/feed.php, "id" parameter to wpf-post.php (when "mingleforumaction" is set to "editpost"), and "id" parameter to wpf-class.php (when "mingleforumaction" is set to "profile") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in versions prior to 1.0.27. SOLUTION: Update to version 1.0.27. PROVIDED AND/OR DISCOVERED BY: Charles Hooper ORIGINAL ADVISORY: Mingle Forum: http://wordpress.org/extend/plugins/mingle-forum/changelog/ Charles Hooper: http://www.charleshooper.net/blog/multiple-vulnerabilities-in-mingle-forum-wordpress-plugin/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 14:45:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 10 Jan 2011 23:45:32 +0100 Subject: [SEC] [SA42782] Ariadne Web Content Management User Enumeration and SQL Injection Message-ID: <201101102245.p0AMjW2Q027438@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ariadne Web Content Management User Enumeration and SQL Injection SECUNIA ADVISORY ID: SA42782 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42782/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42782 RELEASE DATE: 2011-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/42782/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42782/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42782 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Andrea Purificato has reported a weakness and a vulnerability in Ariadne Web Content Management, which can be exploited by malicious people to determine valid user accounts and conduct SQL injection attacks. 1) The application returns different error messages depending on the username supplied during the login process. This can be exploited to potentially identify valid usernames via multiple login attempts. 2) Input passed via the "idPhoto" parameter to the preview photo page is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in versions 4.4 and prior. SOLUTION: Reportedly fixed in version 4.5. PROVIDED AND/OR DISCOVERED BY: Andrea Purificato ORIGINAL ADVISORY: Andrea Purificato: http://rawlab.mindcreations.com/codes/exploit/misc/ACM_Ariadne_sqlinject_userenum.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 15:17:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 00:17:08 +0100 Subject: [SEC] [SA42865] Drupal Webform Module SQL Injection Vulnerability Message-ID: <201101102317.p0ANH8xE016667@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Drupal Webform Module SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42865 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42865/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42865 RELEASE DATE: 2011-01-10 DISCUSS ADVISORY: http://secunia.com/advisories/42865/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42865/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42865 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Webform module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 6.x-3.5. SOLUTION: Update to version 6.x-3.5. PROVIDED AND/OR DISCOVERED BY: Reportedly exploited in the wild. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 15:47:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 00:47:41 +0100 Subject: [SEC] [SA42871] Fedora update for wordpress-mu Message-ID: <201101102347.p0ANlfYf005923@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for wordpress-mu SECUNIA ADVISORY ID: SA42871 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42871/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42871 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42871/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42871/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42871 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wordpress-mu. This fixes two vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and conduct SQL injection attacks. For more information: SA38592 SA42431 SOLUTION: Apply updated packages via the yum utility ("yum update wordpress-mu"). ORIGINAL ADVISORY: FEDORA-2010-19330: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052917.html FEDORA-2010-19329: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052932.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 16:13:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 01:13:38 +0100 Subject: [SEC] [SA42794] NetSupport Manager Client Buffer Overflow Vulnerability Message-ID: <201101110013.p0B0Dc5I027306@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: NetSupport Manager Client Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42794 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42794/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42794 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42794/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42794/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42794 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in NetSupport Manager, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error within the NetSupport Manager client when handling certain packets, which can be exploited to cause a stack-based buffer overflow by e.g. sending specially crafted packets to the client (port 5405/TCP). The vulnerability is confirmed in NetSupport Manager client for Linux version 11 and is also reported in NetSupport Manager client for Linux version 10.50.0, NetSupport Manager client for Solaris version 9.50, and NetSupport Manager client for Mac OS X version 11.00. Other versions may also be affected. Note: Reportedly, the Windows version is not affected. SOLUTION: Restrict network access using a firewall. PROVIDED AND/OR DISCOVERED BY: Luca Carettoni ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0090.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 16:47:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 01:47:37 +0100 Subject: [SEC] [SA42867] Oracle Solaris Firefox Multiple Vulnerabilities Message-ID: <201101110047.p0B0lbHl016629@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Firefox Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42867 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42867/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42867 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42867/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42867/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42867 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged multiple vulnerabilities in Firefox included in Solaris. These can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting and spoofing attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system. For more information: SA41244 SA41297 SA41706 SA41957 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_firefox OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 17:14:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 02:14:15 +0100 Subject: [SEC] [SA42849] Joomla! XMovie Component Unspecified Local File Inclusion Vulnerability Message-ID: <201101110114.p0B1EFR4005616@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Joomla! XMovie Component Unspecified Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA42849 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42849/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42849 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42849/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42849/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42849 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in XMovie component for Joomla!, which can be exploited by malicious users to disclose potentially sensitive information. Certain unspecified input is not properly verified before being used when uploading movies. This can be exploited to include files from local resources. No more information is currently available. The vulnerability is reported in version 1.0. Prior versions may also be affected. SOLUTION: Update to version 1.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.optikool.com/news/xmovie-news/45-xmovie-11-udpate OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 17:45:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 02:45:24 +0100 Subject: [SEC] [SA42851] KingView HistorySvr Service Buffer Overflow Vulnerability Message-ID: <201101110145.p0B1jOhM027230@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: KingView HistorySvr Service Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42851 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42851/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42851 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42851/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42851/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42851 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in KingView, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in HistorySvr.exe and can be exploited to cause a heap-based buffer overflow via a specially crafted packet sent to TCP port 777. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 6.53. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists). PROVIDED AND/OR DISCOVERED BY: Dillon Beresford OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 18:10:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 03:10:39 +0100 Subject: [SEC] [SA42873] Fedora update for webkitgtk Message-ID: <201101110210.p0B2Ad8h016164@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for webkitgtk SECUNIA ADVISORY ID: SA42873 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42873/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42873 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42873/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42873/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42873 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for webkitgtk. This fixes a weakness and some vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a user's system. For more information: SA40664 SA42109 SA42264 SA42605 SOLUTION: Apply updated packages via the yum utility ("yum update webkitgtk"). ORIGINAL ADVISORY: FEDORA-2011-0121: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052906.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 18:25:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 03:25:04 +0100 Subject: [SEC] [SA42868] Fedora update for pyfribidi Message-ID: <201101110225.p0B2P4pV004593@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for pyfribidi SECUNIA ADVISORY ID: SA42868 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42868/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42868 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42868/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42868/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42868 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for pyfribidi. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library. The vulnerability is caused due to a boundary error in the "log2vis_utf8()" function when converting certain UTF8 Arabic characters and can be exploited to cause a buffer overflow. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply updated packages via the yum utility ("yum update pyfribidi"). PROVIDED AND/OR DISCOVERED BY: Reported by Yoann Roman in a fribidi bug report. ORIGINAL ADVISORY: Yoann Roman: http://sourceforge.net/tracker/?func=detail&aid=2676136&group_id=158366&atid=807545 FEDORA-2011-0010: https://admin.fedoraproject.org/updates/pyfribidi-0.10.0-1.fc13 FEDORA-2011-0001: https://admin.fedoraproject.org/updates/pyfribidi-0.10.0-1.fc14 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 18:45:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 03:45:42 +0100 Subject: [SEC] [SA42866] VideoSpirit Pro Two Buffer Overflow Vulnerabilities Message-ID: <201101110245.p0B2jg3X025737@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: VideoSpirit Pro Two Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA42866 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42866/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42866 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42866/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42866/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42866 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in VideoSpirit Pro, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors when processing the "name" and "value" attributes of the "valitem" element in VideoSpirit project files (*.visprj) and can be exploited to cause stack-based buffer overflows by e.g. tricking a user into opening specially crafted project files. Successful exploitation allows execution of arbitrary code. The vulnerabilities are confirmed in version 1.6.8.1. Other versions may also be affected. SOLUTION: Do not open untrusted project files. PROVIDED AND/OR DISCOVERED BY: xsploitedsec Additional information provided by Secunia Research. ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15936/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 19:15:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 04:15:43 +0100 Subject: [SEC] [SA42872] Fedora update for evince Message-ID: <201101110315.p0B3FhLt015377@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for evince SECUNIA ADVISORY ID: SA42872 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42872/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42872 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42872/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42872/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42872 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for evince. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA42769 SOLUTION: Apply updated packages via the yum utility ("yum update evince"). ORIGINAL ADVISORY: FEDORA-2011-0208: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052910.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 10 19:44:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 04:44:25 +0100 Subject: [SEC] [SA42876] VideoSpirit Lite Two Buffer Overflow Vulnerabilities Message-ID: <201101110344.p0B3iPQL004448@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: VideoSpirit Lite Two Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA42876 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42876/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42876 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42876/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42876/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42876 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in VideoSpirit Lite, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to boundary errors when processing VideoSpirit project files (*.visprj). For more information: SA42866 The vulnerabilities are confirmed in version 1.4.0.1. Other versions may also be affected. SOLUTION: Do not open untrusted project files. PROVIDED AND/OR DISCOVERED BY: Originally reported in VideoSpirit Pro by xsploitedsec. Additional information provided by Secunia Research. ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15936/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 10:30:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 19:30:00 +0100 Subject: [SEC] [SA42853] Red Hat update for wireshark Message-ID: <201101111830.p0BIU0ll032144@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for wireshark SECUNIA ADVISORY ID: SA42853 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42853/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42853 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42853/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42853/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42853 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for wireshark. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA42767 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0013-2: https://rhn.redhat.com/errata/RHSA-2011-0013.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 11:30:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 20:30:13 +0100 Subject: [SEC] [SA42854] TinyBB "id" SQL Injection Vulnerability Message-ID: <201101111930.p0BJUD4U022655@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: TinyBB "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42854 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42854/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42854 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42854/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42854/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42854 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in TinyBB, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to index.php is not properly sanitised in inc/tinybb-settings.php before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 1.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Aodrulez OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 12:30:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 21:30:32 +0100 Subject: [SEC] [SA42864] diafan.CMS Cross-Site Request Forgery Vulnerability Message-ID: <201101112030.p0BKUW9w013164@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: diafan.CMS Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA42864 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42864/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42864 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42864/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42864/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42864 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in diafan.CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add an administrative user by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerability is reported in version 4.3. Other versions may also be affected. SOLUTION: Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: High-Tech Bridge SA (HTB22777): http://www.htbridge.ch/advisory/xsrf_csrf_in_diafan_cms.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 13:30:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 22:30:05 +0100 Subject: [SEC] [SA42834] Solar FTP Server "PASV" Command Processing Vulnerability Message-ID: <201101112130.p0BLU59Y003622@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Solar FTP Server "PASV" Command Processing Vulnerability SECUNIA ADVISORY ID: SA42834 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42834/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42834 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42834/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42834/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42834 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: John Leitch has discovered a vulnerability in Solar FTP Server, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an error when processing the "PASV" command and can be exploited to corrupt memory by e.g. sending a "PASV" command with an overly long parameter. The vulnerability is confirmed in version 2.1. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: John Leitch ORIGINAL ADVISORY: http://www.johnleitch.net/Vulnerabilities/Solar.FTP.Server.2.1.Buffer.Overflow/77 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 14:24:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 23:24:43 +0100 Subject: [SEC] [SA42860] Aipo / Aipo ASP Unspecified SQL Injection Vulnerability Message-ID: <201101112224.p0BMOh0I026295@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Aipo / Aipo ASP Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42860 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42860/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42860 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42860/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42860/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42860 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Aipo and Aipo ASP, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via unspecified parameters is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 5.1.0.1. SOLUTION: Update to version 5.1.0.1 or later. PROVIDED AND/OR DISCOVERED BY: JVN credits Mr. Yuki Urabe. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 14:45:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Jan 2011 23:45:16 +0100 Subject: [SEC] [SA42857] SGX-SP Final Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201101112245.p0BMjGF1015008@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SGX-SP Final Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA42857 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42857/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42857 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42857/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42857/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42857 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in SGX-SP Final, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised in shop.cgi before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 10.0. Other versions may also be affected. SOLUTION: Upgrade to version 11.0 PROVIDED AND/OR DISCOVERED BY: JVN credits Mr. Oota Yoshinori, Business Architects Inc. ORIGINAL ADVISORY: http://wb-i.net/soft1.HTML#spf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 15:17:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 00:17:46 +0100 Subject: [SEC] [SA42817] Lexmark X651de PJL Messages Script Insertion Vulnerability Message-ID: <201101112317.p0BNHkCN004351@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Lexmark X651de PJL Messages Script Insertion Vulnerability SECUNIA ADVISORY ID: SA42817 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42817/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42817 RELEASE DATE: 2011-01-11 DISCUSS ADVISORY: http://secunia.com/advisories/42817/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42817/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42817 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Lexmark X651de, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the PJL (Printer Job Language) RDYMSG, OPMSG, and STMSG messages is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected printer web interface when the malicious data is being viewed. SOLUTION: Restrict network access. PROVIDED AND/OR DISCOVERED BY: dave b ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0046.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 15:48:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 00:48:10 +0100 Subject: [SEC] [SA42804] Microsoft Data Access Components Two Vulnerabilities Message-ID: <201101112348.p0BNmAtS025932@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Microsoft Data Access Components Two Vulnerabilities SECUNIA ADVISORY ID: SA42804 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42804/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42804 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42804/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42804/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42804 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Data Access Components, which can be exploited by malicious people to compromise a user's system. 1) An error when handling the DSN (Data Source Name) argument of a certain ODBC (Open Database Connectivity) API can be exploited to cause a buffer overflow by e.g. tricking a user into viewing a specially crafted web page. Successful exploitation requires an installed third-party application to use the affected ODBC API in a vulnerable manner. 2) A memory allocation error when parsing internal data structures can be exploited to corrupt memory by e.g. tricking a user into viewing a specially crafted web page. Successful exploitation of the vulnerabilities allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Abdul Aziz Hariri via ZDI. 2) The vendor credits Peter Vreugdenhil via ZDI. ORIGINAL ADVISORY: MS11-002 (KB2419632, KB2419635, KB2419640, KB2451910): http://www.microsoft.com/technet/security/Bulletin/MS11-002.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 16:13:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 01:13:15 +0100 Subject: [SEC] [SA42835] LotusCMS "system" Local File Inclusion Vulnerability Message-ID: <201101120013.p0C0DFb6014870@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: LotusCMS "system" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA42835 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42835/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42835 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42835/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42835/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42835 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in LotusCMS, which can be exploited by malicious people to disclose sensitive information. Input passed via the "system" parameter to index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 3.0.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: mr_me OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 16:48:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 01:48:45 +0100 Subject: [SEC] [SA42758] Ubuntu update for linux and linux-ec2 Message-ID: <201101120048.p0C0mjBd004244@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux and linux-ec2 SECUNIA ADVISORY ID: SA42758 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42758/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42758 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42758/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42758/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42758 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux and linux-ec2. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system information and potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to disclose potentially sensitive information. For more information: SA40205 SA41002 SA41440 SA41462 SA41493 SA41693 1) An integer overflow within the "btrfs_ioctl_clone" function in fs/btrfs/ioctl.c can be exploited to e.g. disclose sensitive information. 2) Incorrect permission checks within the "btrfs_ioctl_clone" function in fs/btrfs/ioctl.c can be exploited to overwrite append-only files. Note: CVE-2010-2537 and CVE-2010-2538 only affect Ubuntu 9.10. CVE-2010-2962 does not affect Ubuntu 10.10. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1041-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001224.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 17:14:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 02:14:17 +0100 Subject: [SEC] [SA42869] VaM Shop Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities Message-ID: <201101120114.p0C1EHAE025604@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: VaM Shop Cross-Site Scripting and Cross-Site Request Forgery Vulnerabilities SECUNIA ADVISORY ID: SA42869 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42869/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42869 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42869/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42869/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42869 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in VaM Shop, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input passed to the "search" parameter in admin/customers.php and "status" parameter in admin/orders.php (when "selected_box" is set to "customers") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change certain user permissions by tricking a logged in administrator into visiting a malicious web site. The vulnerabilities are confirmed in version 1.61. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: High-Tech Bridge SA (HTB22779, HTB22780, HTB22781): http://www.htbridge.ch/advisory/xss_vulnerability_in_vam_shop_1.html http://www.htbridge.ch/advisory/xss_vulnerability_in_vam_shop_2.html http://www.htbridge.ch/advisory/xsrf_csrf_in_vam_shop.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 17:45:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 02:45:45 +0100 Subject: [SEC] [SA42832] Wing FTP Server Cross-Site Request Forgery Vulnerability Message-ID: <201101120145.p0C1jjTB014819@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Wing FTP Server Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA42832 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42832/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42832 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42832/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42832/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42832 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: John Leitch has discovered a vulnerability in Wing FTP Server, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site. The vulnerability is confirmed in version 3.7.2. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: John Leitch ORIGINAL ADVISORY: http://www.johnleitch.net/Vulnerabilities/Wing.FTP.Server.3.7.2.Cross-site.Request.Forgery/76 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 18:10:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 03:10:45 +0100 Subject: [SEC] [SA42843] Slackware update for php Message-ID: <201101120210.p0C2Aj4a003711@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Slackware update for php SECUNIA ADVISORY ID: SA42843 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42843/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42843 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42843/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42843/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42843 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for php. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to an error in strtod.c when converting values from a string type to double and can be exploited to cause an infinite loop. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Rick Regan ORIGINAL ADVISORY: SSA:2011-010-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.484686 PHP: http://bugs.php.net/53632 Rick Regan: http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 11 18:45:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 03:45:34 +0100 Subject: [SEC] [SA42856] Newv SmartClient NewvCommon ActiveX Control Multiple Vulnerabilities Message-ID: <201101120245.p0C2jYLK025503@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Newv SmartClient NewvCommon ActiveX Control Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42856 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42856/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42856 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42856/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42856/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42856 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in Newv SmartClient NewvCommon ActiveX control, which can be exploited by malicious people to manipulate certain data and compromise a user's system. 1) The unsafe method "DelFile()" allows deleting arbitrary files. 2) The unsafe method "RunCommand()" allows executing arbitrary files. 3) A boundary error when processing the "WriteTextFile()" method can be exploited to cause a stack-based buffer overflow via an overly long string passed as the "FilePath" parameter. Successful exploitation allows execution of arbitrary code. The vulnerabilities are confirmed in version 1.1.0.0 (NewvCommon.ocx 1.0.0.18). Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: 1,3) wsn1983 2) yuguo.cn ORIGINAL ADVISORY: yuguo.cn: http://archives.neohapsis.com/archives/bugtraq/2011-01/0047.html wsn1983: http://www.nansec.com/1/post/2011/01/newvcommonocx-activex-insecure-method-vulnerability.html http://www.nansec.com/1/post/2011/01/newvcommonocx-activex-remote-code-execution-vulnerability.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 10:30:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 19:30:31 +0100 Subject: [SEC] [SA42870] Ubuntu update for lcms Message-ID: <201101121830.p0CIUV0U023943@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for lcms SECUNIA ADVISORY ID: SA42870 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42870/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42870 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42870/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42870/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42870 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for lcms. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA34634 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1043-1 : https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001227.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 11:33:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 20:33:24 +0100 Subject: [SEC] [SA42877] SUSE update for multiple packages Message-ID: <201101121933.p0CJXOSF014571@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for multiple packages SECUNIA ADVISORY ID: SA42877 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42877/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42877 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42877/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42877/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42877 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for multiple packages. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose sensitive information and gain escalated privileges and by malicious people to conduct HTTP response splitting attacks, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA39661 SA40112 SA40783 SA41535 SA41841 SA42290 SA42373 SA42461 SA42473 SA42732 1) The supportconfig script stores user passwords in an insecure manner and can be exploited to disclose the passwords. SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SR:2011:001: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00003.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 12:31:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 21:31:45 +0100 Subject: [SEC] [SA42839] FishEye / Crucible Multiple Vulnerabilities Message-ID: <201101122031.p0CKVjPx004967@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: FishEye / Crucible Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42839 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42839/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42839 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42839/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42839/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42839 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in FishEye and Crucible, which can be exploited by malicious users to conduct script insertion attacks, gain knowledge of sensitive information, and bypass certain security restrictions and by malicious people to disclose potentially sensitive information. 1) Certain unspecified input is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. This vulnerability is reported in versions prior to 2.4.4. 2) The application logs the administrators password in clear text when debug logging is enabled. This can be exploited to gain knowledge of the administrator's password. The security issue is reported in versions 2.2.0 to 2.4.0. 3) An error in Crucible review comment search can be exploited to display review comments for otherwise restricted projects. This vulnerability is reported in Crucible versions 2.2.0 to 2.4.3. 4) An error exists in the application when anonymous access is enabled, which can be exploited to disclose usernames and email addresses. This vulnerability is reported in versions 2.2.0 to 2.4.3. SOLUTION: Update to version 2.4.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2011-01-12 http://confluence.atlassian.com/display/CRUCIBLE/FishEye+and+Crucible+Security+Advisory+2011-01-12 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 13:30:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 22:30:46 +0100 Subject: [SEC] [SA42881] DriveCrypt "DCR.sys" IOCTL Handling Privilege Escalation Vulnerability Message-ID: <201101122130.p0CLUkMq027835@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: DriveCrypt "DCR.sys" IOCTL Handling Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA42881 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42881/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42881 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42881/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42881/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42881 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in DriveCrypt, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error in the "DCR.sys" driver when processing IOCTLs and can be exploited to corrupt memory via a specially crafted 0x00073800 IOCTL. Successful exploitation allows execution of arbitrary code in the kernel. The vulnerability is confirmed in version 5.4. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: mu-b ORIGINAL ADVISORY: http://www.digit-labs.org/files/exploits/drivecrypt-dcr.c OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 14:25:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 23:25:00 +0100 Subject: [SEC] [SA42862] Joomla! Easy File Uploader Module File Upload Vulnerability Message-ID: <201101122225.p0CMP0rk018073@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Joomla! Easy File Uploader Module File Upload Vulnerability SECUNIA ADVISORY ID: SA42862 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42862/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42862 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42862/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42862/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42862 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Easy File Uploader module for Joomla!, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to the module improperly validating the extension of an uploaded file. This can be exploited to e.g. upload and execute arbitrary PHP files by passing an allowed MIME media type in the HTTP headers. The vulnerability is reported in versions prior to 0.6. SOLUTION: Update to version 0.6. PROVIDED AND/OR DISCOVERED BY: rustyDusty Additional information provided by Jeff Channell. ORIGINAL ADVISORY: http://michaelgilkes.info/2011/01/11/mime-type-vulnerability-fixed/ http://michaelgilkes.info/joomla-plugin-easy-file-uploader/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 14:45:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Jan 2011 23:45:25 +0100 Subject: [SEC] [SA42852] Nokia Multimedia Player Playlist Processing Buffer Overflow Vulnerability Message-ID: <201101122245.p0CMjPKq006779@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Nokia Multimedia Player Playlist Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42852 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42852/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42852 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42852/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42852/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42852 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Nokia Multimedia Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing playlist files and can be exploited to cause a stack-based buffer overflow via a specially crafted NPL file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.00.55.5010. Other versions may also be affected. SOLUTION: Do not open playlist files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Carlos Mario Penagos Hollmann OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 15:17:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 00:17:19 +0100 Subject: [SEC] [SA42882] BlackBerry Enterprise Server PDF Distiller Buffer Overflow Vulnerability Message-ID: <201101122317.p0CNHJce028500@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: BlackBerry Enterprise Server PDF Distiller Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42882 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42882/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42882 RELEASE DATE: 2011-01-12 DISCUSS ADVISORY: http://secunia.com/advisories/42882/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42882/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42882 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BlackBerry Enterprise Server, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error within the PDF distiller of the BlackBerry Attachment Service component. This can be exploited to cause a buffer overflow when a specially crafted PDF file is opened for viewing on a BlackBerry smartphone. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in BlackBerry Enterprise Server versions 4.1.3 through 5.0.2. SOLUTION: Update to the latest version or apply the Interim Security Update. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.blackberry.com/btsc/KB25382 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 15:47:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 00:47:45 +0100 Subject: [SEC] [SA42812] Ubuntu update for php5 Message-ID: <201101122347.p0CNljCQ017668@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for php5 SECUNIA ADVISORY ID: SA42812 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42812/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42812 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42812/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42812/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42812 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for php5. This fixes multiple security issues and multiple vulnerabilities, which can be exploited by malicious users to disclose sensitive information and by malicious people to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service). For more information: SA36791 SA41724 SA42135 SA42843 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1042-1: http://www.ubuntu.com/usn/usn-1042-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 16:13:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 01:13:30 +0100 Subject: [SEC] [SA42886] Sudo Group Changing Vulnerability Message-ID: <201101130013.p0D0DU8U006631@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sudo Group Changing Vulnerability SECUNIA ADVISORY ID: SA42886 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42886/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42886 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42886/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42886/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42886 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Sudo, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused due to Sudo not properly restricting changes of the group ID (GID), which can be exploited via the "sudo -g" command to change into a restricted GID without having to enter a password. Note: Successful exploitation requires that Sudo is configured using a certain syntax, e.g. "%sudo ALL=(ALL:ALL) ALL" is affected while "%sudo ALL=(ALL) ALL" is not. The vulnerability is confirmed in version 1.7.4-p4. Other versions may also be affected. SOLUTION: Fixed in the Mercurial repository. PROVIDED AND/OR DISCOVERED BY: Reported in a Debian bug by Alexander Kurtz. ORIGINAL ADVISORY: Debian Bug #609641: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=609641 Sudo: http://www.sudo.ws/repos/sudo/rev/fe8a94f96542 http://www.sudo.ws/repos/sudo/rev/07d1b0ce530e OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 16:48:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 01:48:16 +0100 Subject: [SEC] [SA42890] Red Hat update for kernel Message-ID: <201101130048.p0D0mG4x028379@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA42890 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42890/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42890 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42890/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42890/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42890 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose sensitive information, potentially gain escalated privileges, and bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service). For more information: SA38499 SA40833 SA41245 SA41263 SA41284 SA41440 SA41493 SA42035 SA42061 SA42126 SA42173 SA42176 SA42187 SA42354 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0007-1: https://rhn.redhat.com/errata/RHSA-2011-0007.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 17:14:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 02:14:44 +0100 Subject: [SEC] [SA42889] Fedora update for bip Message-ID: <201101130114.p0D1EiOg017377@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for bip SECUNIA ADVISORY ID: SA42889 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42889/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42889 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42889/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42889/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42889 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for bip. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA41285 SOLUTION: Apply updated packages via the yum utility ("yum update bip"). ORIGINAL ADVISORY: FEDORA-2010-15774: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/052992.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 17:45:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 02:45:31 +0100 Subject: [SEC] [SA42879] Vaadin Cross-Site Scripting Vulnerability Message-ID: <201101130145.p0D1jVJu006550@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Vaadin Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA42879 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42879/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42879 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42879/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42879/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42879 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Vaadin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 6.4.9. SOLUTION: Update to version 6.4.9. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://vaadin.com/download/release/6.4/6.4.9/release-notes.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 12 18:10:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 03:10:17 +0100 Subject: [SEC] [SA42863] libpng "png_do_rgb_to_gray()" PNG Processing Vulnerability Message-ID: <201101130210.p0D2AHf7027852@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: libpng "png_do_rgb_to_gray()" PNG Processing Vulnerability SECUNIA ADVISORY ID: SA42863 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42863/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42863 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42863/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42863/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42863 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. The vulnerability is caused due to an error within the "png_do_rgb_to_gray()" function in pngrtran.c, which can be exploited to cause a buffer overflow by e.g. tricking a user into opening a specially crafted PNG file in an application using the library. The vulnerability is reported in version 1.5.0. Prior versions are not affected. SOLUTION: Fixed in version 1.5.1beta01. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Glenn Randers-Pehrson ORIGINAL ADVISORY: Glenn Randers-Pehrson: http://sourceforge.net/mailarchive/message.php?msg_id=26866318 libpng: http://libpng.sourceforge.net/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 10:32:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 19:32:22 +0100 Subject: [SEC] [SA42888] Red Hat update for python Message-ID: <201101131832.p0DIWMSB007216@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for python SECUNIA ADVISORY ID: SA42888 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42888/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42888 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42888/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42888/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42888 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for python. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA39937 SA40148 1) Multiple errors within the rgbimg module can be exploited to cause a crash and potentially execute arbitrary code by e.g. tricking a user into opening a specially crafted SGI image in an application using the module. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011-0027: https://rhn.redhat.com/errata/RHSA-2011-0027.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 11:32:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 20:32:36 +0100 Subject: [SEC] [SA42850] Google Chrome Multiple Vulnerabilities Message-ID: <201101131932.p0DJWaRW030131@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42850 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42850/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42850 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42850/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42850/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42850 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, where some have an unknown impact and others can be exploited by malicious people to manipulate certain data and potentially compromise a user's system. 1) An unspecified error exists within the extensions notification handling. 2) A second unspecified error exists when handling pointers within node iteration. 3) A third unspecified error exists when printing multi-page PDF files. 4) An error when handling CSS and canvas can be exploited to reference a stale pointer. 5) An error when handling CSS and cursors can be exploited to reference a stale pointer. 6) A use-after-free error when handling PDF pages can be exploited to reference freed memory. 7) An error due to an out-of-memory condition when processing PDF files can be exploited to cause stack corruption. 8) An error when handling mismatched video frame sizes can be exploited to reference invalid memory. 9) An error when handling SVG "" elements can be exploited to reference a stale pointer. 10) An error when handling rouge extensions can be exploited to reference an uninitialised pointer. 11) An error within the Vorbis decoder can be exploited to cause a buffer overflow. 12) An error within PDF shading can be exploited to cause a buffer overflow. 13) An error when handling anchors may result in an incorrect type cast. 14) An error when handling videos may result in an incorrect type cast. 15) An error after removal of a DOM node may result in a stale rendering node. 16) An error when handling speech can be exploited to reference a stale pointer. SOLUTION: Update to version 8.0.552.237. PROVIDED AND/OR DISCOVERED BY: The vendor credits following people: 1) Eric Roman, Chromium development community. 2,4,13,14,16) Sergey Glazunov. 5) Jan Tosovsky. 3,6) Chris Evans, Google Chrome Security Team. 7) Jared Allar, CERT. 8,12) Aki Helin, OUSPG 8,15) SkyLined, Google Chrome Security Team. 8,11) David Warren, CERT. 9) Anonymous and miaubiz. 10) kuzzcc. 15) Martin Barbella. ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2011/01/chrome-stable-release.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 12:32:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 21:32:26 +0100 Subject: [SEC] [SA42884] Red Hat update for kernel Message-ID: <201101132032.p0DKWQcF020611@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA42884 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42884/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42884 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42884/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42884/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42884 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information and cause a DoS (Denial of Service), and by malicious people to cause a DoS. For more information: SA38499 SA40205 SA41440 SA41493 SA42187 SA42395 1) The "get_name()" function in net/tipc/socket.c is not properly initializing a structure before copying it to userspace. This can be exploited to disclose potentially sensitive information. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011-0017: https://rhn.redhat.com/errata/RHSA-2011-0017.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 13:31:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 22:31:52 +0100 Subject: [SEC] [SA42883] InduSoft Web Studio NTWebServer Buffer Overflow Vulnerability Message-ID: <201101132131.p0DLVqKG011091@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: InduSoft Web Studio NTWebServer Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42883 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42883/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42883 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42883/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42883/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42883 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in InduSoft Web Studio, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the bundled test web server (NTWebServer.exe). This can be exploited to cause a stack-based buffer overflow via an overly long string (greater than 2048 bytes) sent in a web request. Successful exploitation may allow execution of arbitrary code, but requires the web server to be enabled (disabled by default). The vulnerability is reported in version 7.0. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. Use a different web server. PROVIDED AND/OR DISCOVERED BY: US-CERT credits Jeremy Brown. ORIGINAL ADVISORY: InduSoft: http://www.indusoft.com/blog/?p=337 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 14:26:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 23:26:39 +0100 Subject: [SEC] [SA42903] Advantech Studio NTWebServer Buffer Overflow Vulnerability Message-ID: <201101132226.p0DMQdAT001291@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Advantech Studio NTWebServer Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42903 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42903/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42903 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42903/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42903/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42903 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Advantech Studio, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA42883 The vulnerability is reported in version 6.1 and prior. SOLUTION: Apply patch. PROVIDED AND/OR DISCOVERED BY: The vendor credits Jeremy Brown via US-CERT. ORIGINAL ADVISORY: http://support.advantech.com.tw/support/DownloadSRDetail.aspx?SR_ID=1-I1B0TD&Doc_Source=Download OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 14:50:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Jan 2011 23:50:33 +0100 Subject: [SEC] [SA42887] Shibboleth Identity Provider TransientID Mapping Security Issue Message-ID: <201101132250.p0DMoXJN022626@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Shibboleth Identity Provider TransientID Mapping Security Issue SECUNIA ADVISORY ID: SA42887 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42887/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42887 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42887/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42887/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42887 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Shibboleth, which can be exploited by malicious users to disclose potentially sensitive information. The security issue is caused due to the Identity Provider assigning the same transient ID to multiple users. This can be exploited to disclose attribute query results of another user. Successful exploitation requires session IP address checking to be disabled (enabled by default) and an attacker's IP address to change after authentication but before a SAML response is sent. The security issue is reported in versions prior to 2.2.1. SOLUTION: Update to version 2.2.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Robert Egglestone, Univ. of Auckland. ORIGINAL ADVISORY: http://shibboleth.internet2.edu/secadv/secadv_20110113.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 15:18:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 00:18:10 +0100 Subject: [SEC] [SA42891] libuser Default Password Security Issue Message-ID: <201101132318.p0DNIAgm011781@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: libuser Default Password Security Issue SECUNIA ADVISORY ID: SA42891 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42891/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42891 RELEASE DATE: 2011-01-13 DISCUSS ADVISORY: http://secunia.com/advisories/42891/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42891/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42891 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in libuser, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to libuser setting a default user password when e.g. not specifying a password while adding a new user via the "luseradd" utility, which can be exploited to bypass certain authentication checks with a known password. The security issue is reported in versions prior to 0.57. SOLUTION: Update to version 0.57. PROVIDED AND/OR DISCOVERED BY: Reported in a Red Hat bug report. ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-0002 https://fedorahosted.org/libuser/browser/NEWS?rev=1579%3A1114f9b1a156 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 15:49:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 00:49:54 +0100 Subject: [SEC] [SA42855] Destoon B2B "X-Forwarded-For" SQL Injection Vulnerability Message-ID: <201101132349.p0DNnseu000949@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Destoon B2B "X-Forwarded-For" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42855 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42855/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42855 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42855/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42855/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42855 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: k4shifz has reported a vulnerability in Destoon B2B, which can be exploited by malicious people to conduct SQL Injection attacks. Input passed via the "X-Forwarded-For" HTTP header to e.g. wap/index.php (when "action" is set to "answer" and "moduleid" and "itemid" are set) is not properly sanitised in the "get_env()" function in include/global.func.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 3.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: k4shifz, Wolves Security Team. ORIGINAL ADVISORY: http://bbs.wolvez.org/viewtopic.php?id=178 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 16:16:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 01:16:05 +0100 Subject: [SEC] [SA42885] Oracle Solaris Samba SID Parsing Buffer Overflow Vulnerability Message-ID: <201101140016.p0E0G5ZY022399@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Samba SID Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42885 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42885/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42885 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42885/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42885/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42885 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Solaris, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA41354 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2010_3069_multiple_stack OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 16:50:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 01:50:24 +0100 Subject: [SEC] [SA42899] Contao "X_FORWARDED_FOR" Script Insertion Vulnerability Message-ID: <201101140050.p0E0oOaq011744@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Contao "X_FORWARDED_FOR" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA42899 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42899/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42899 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42899/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42899/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42899 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Contao, which can be exploited by malicious people to conduct script-insertion attacks. Input passed via the "X_FORWARDED_FOR" HTTP header is not properly sanitised before being used when submitting a comment. This can be exploited to insert arbitrary HTML and script code, which will get executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is confirmed in version 2.9.2. Prior versions may also be affected. SOLUTION: Update to version 2.9.3. PROVIDED AND/OR DISCOVERED BY: David Vieira-Kurz, MajorSecurity ORIGINAL ADVISORY: Contao: http://www.contao.org/news/items/contao-2_9_3.html http://dev.contao.org/issues/2751 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 17:16:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 02:16:30 +0100 Subject: [SEC] [SA42898] HP LoadRunner Unspecified Code Execution Vulnerability Message-ID: <201101140116.p0E1GULM000656@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: HP LoadRunner Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA42898 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42898/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42898 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42898/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42898/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42898 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP LoadRunner, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in version 9.52. SOLUTION: Apply the workaround (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits AbdulAziz Hariri via ZDI. ORIGINAL ADVISORY: HPSBMA02624 SSRT100195: http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02680678 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 17:47:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 02:47:58 +0100 Subject: [SEC] [SA42878] Symantec Web Gateway Management Interface "USERNAME" SQL Injection Message-ID: <201101140147.p0E1lwfW022351@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Symantec Web Gateway Management Interface "USERNAME" SQL Injection SECUNIA ADVISORY ID: SA42878 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42878/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42878 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42878/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42878/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42878 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Symantec Web Gateway, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "USERNAME" parameter to login.php in the management interface is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can further be exploited to compromise a vulnerable system. The vulnerability is reported in version 4.5. Other versions may also be affected. SOLUTION: Update to version 4.5.0.376 or later. PROVIDED AND/OR DISCOVERED BY: RadLSneak via ZDI. ORIGINAL ADVISORY: Symantec: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110112_00 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-013/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 18:13:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 03:13:13 +0100 Subject: [SEC] [SA42823] Drupal Panels Module Script Insertion Vulnerability Message-ID: <201101140213.p0E2DD9b011293@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Drupal Panels Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA42823 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42823/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42823 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42823/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42823/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42823 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Panels module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires "administer advanced pane settings" permission and at least one permission allowing for creation or editing of panels (e.g. "use page manager", "administer mini panels", or "create panel nodes"). The vulnerability is reported in versions prior to 6.x-3.9. SOLUTION: Update to version 6.x-3.9. PROVIDED AND/OR DISCOVERED BY: The vendor credits Justin Klein Keane. ORIGINAL ADVISORY: SA-CONTRIB-2011-002: http://drupal.org/node/1024972 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 13 18:49:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 03:49:33 +0100 Subject: [SEC] [SA42892] Red Hat update for gcc Message-ID: <201101140249.p0E2nXbK000661@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for gcc SECUNIA ADVISORY ID: SA42892 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42892/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42892 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42892/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42892/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42892 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for gcc. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input validation error when extracting JAR archives. This can be exploited to extract files to arbitrary locations outside the specified directory via directory traversal sequences in the file path. This is related to: SA17839 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0025-1: https://rhn.redhat.com/errata/RHSA-2011-0025.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 10:32:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 19:32:02 +0100 Subject: [SEC] [SA42904] Sybase EAServer Two Vulnerabilities Message-ID: <201101141832.p0EIW2Ej031391@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sybase EAServer Two Vulnerabilities SECUNIA ADVISORY ID: SA42904 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42904/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42904 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42904/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42904/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42904 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Sybase EAServer, which can be exploited by malicious people to disclose sensitive information and bypass certain security restrictions. 1) Certain unspecified input is not properly sanitised before being used to read files. This can be exploited to read arbitrary files from local resources via directory traversal attacks. This vulnerability affects Sybase EAServer versions 6.3 and prior and versions 5.x. 1) A design error can be exploited to install arbitrary web services. Successful exploitation of this vulnerability may allow execution of arbitrary code. This vulnerability affects Sybase EAServer versions 6.3 and prior. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits iDefense Labs. ORIGINAL ADVISORY: http://www.sybase.com/detail?id=1091057 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 11:32:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 20:32:30 +0100 Subject: [SEC] [SA42875] Debian update for mysql-dfsg-5.0 Message-ID: <201101141932.p0EJWUg2021913@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for mysql-dfsg-5.0 SECUNIA ADVISORY ID: SA42875 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42875/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42875 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42875/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42875/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42875 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for mysql-dfsg-5.0. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA41048 SA41716 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2143-1: http://lists.debian.org/debian-security-announce/2011/msg00007.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 12:32:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 21:32:03 +0100 Subject: [SEC] [SA42929] Joomla! Mosets Tree Component Two Vulnerabilities Message-ID: <201101142032.p0EKW3pr012384@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Joomla! Mosets Tree Component Two Vulnerabilities SECUNIA ADVISORY ID: SA42929 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42929/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42929 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42929/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42929/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42929 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Mosets Tree component for Joomla!, which can be exploited by malicious users to bypass certain security restrictions. 1) The component allows users to overwrite other users' listings. No further information is currently available. 2) The component allows a certain unspecified read-only front-end field to be overwritten. No further information is currently available. The vulnerabilities are reported in versions prior to 2.1.8. SOLUTION: Update to version 2.1.8. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Mosets Tree: http://forum.mosets.com/showthread.php?t=17064 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 13:32:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 22:32:22 +0100 Subject: [SEC] [SA42859] NVIDIA CUDA Toolkit Developer Drivers for Linux Memory Disclosure Message-ID: <201101142132.p0ELWMBC002885@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: NVIDIA CUDA Toolkit Developer Drivers for Linux Memory Disclosure SECUNIA ADVISORY ID: SA42859 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42859/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42859 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42859/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42859/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42859 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the NVIDIA CUDA Toolkit Developer Drivers for Linux, which can be exploited by malicious, local users to disclose potentially sensitive information. The vulnerabilities are caused due to the "cudaHostAlloc()" and "cuMemHostAlloc()" API calls returning uncleared pinned memory, which can be exploited to disclose potentially sensitive memory contents. The vulnerabilities are reported in NVIDIA CUDA Toolkit 3.2 Developer Drivers for Linux version 260.19.26 (64Bit). Other versions may also be affected. SOLUTION: Restrict access to trusted users. PROVIDED AND/OR DISCOVERED BY: Alex Granovsky ORIGINAL ADVISORY: http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7675-1380-00.htm http://classic.chem.msu.su/cgi-bin/ceilidh.exe/gran/gamess/forum/?C35e9ea936bHW-7676-1022+00.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 14:26:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 23:26:38 +0100 Subject: [SEC] [SA42901] Objectivity/DB Administrative Operations Security Issue Message-ID: <201101142226.p0EMQcm8025519@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Objectivity/DB Administrative Operations Security Issue SECUNIA ADVISORY ID: SA42901 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42901/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42901 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42901/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42901/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42901 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Objectivity/DB, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service). The security issue is caused due to some components (e.g. Lock Server and Advanced Multithreaded Server) allowing to perform various administrative operations without authentication. This can be exploited to e.g. shutdown the application servers by sending specific commands to TCP ports 6779 and 6780. The security issue is reported in version R10. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists). PROVIDED AND/OR DISCOVERED BY: Jeremy Brown OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 14:47:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Jan 2011 23:47:07 +0100 Subject: [SEC] [SA42913] Fedora update for Django Message-ID: <201101142247.p0EMl7nm014250@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for Django SECUNIA ADVISORY ID: SA42913 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42913/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42913 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42913/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42913/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42913 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for Django. This fixes two security issues, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service). For more information: SA42715 SOLUTION: Apply updated packages via the yum utility ("yum update Django"). ORIGINAL ADVISORY: FEDORA-2011-0096: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053041.html FEDORA-2011-0120: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053072.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 15:18:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Jan 2011 00:18:48 +0100 Subject: [SEC] [SA42912] Fedora update for pcsc-lite Message-ID: <201101142318.p0ENImud003556@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for pcsc-lite SECUNIA ADVISORY ID: SA42912 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42912/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42912 RELEASE DATE: 2011-01-14 DISCUSS ADVISORY: http://secunia.com/advisories/42912/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42912/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42912 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for pcsc-lite. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA42659 SOLUTION: Apply updated packages via the yum utility ("yum update pcsc-lite"). ORIGINAL ADVISORY: FEDORA-2011-0123: https://admin.fedoraproject.org/updates/pcsc-lite-1.5.5-5.fc13 FEDORA-2011-0164: https://admin.fedoraproject.org/updates/pcsc-lite-1.6.4-3.fc14 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 15:49:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Jan 2011 00:49:38 +0100 Subject: [SEC] [SA42894] Winlog Pro TCP/IP Server Buffer Overflow Vulnerability Message-ID: <201101142349.p0ENnc7B025157@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Winlog Pro TCP/IP Server Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42894 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42894/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42894 RELEASE DATE: 2011-01-15 DISCUSS ADVISORY: http://secunia.com/advisories/42894/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42894/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42894 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has reported a vulnerability in Winlog Pro, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when processing certain protocol data and can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to TCP port 46823. Successful exploitation may allow execution of arbitrary code, but requires the "Run TCP/IP Server" option to be enabled (disabled by default). The vulnerability is reported in versions prior to 2.07.01. SOLUTION: Update to version 2.07.01. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/winlog_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 14 16:14:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Jan 2011 01:14:57 +0100 Subject: [SEC] [SA42914] Fedora update for wireshark Message-ID: <201101150014.p0F0Evp0014100@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for wireshark SECUNIA ADVISORY ID: SA42914 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42914/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42914 RELEASE DATE: 2011-01-15 DISCUSS ADVISORY: http://secunia.com/advisories/42914/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42914/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42914 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA42767 SOLUTION: Apply updated packages via the yum utility ("yum update wireshark"). ORIGINAL ADVISORY: FEDORA-2011-0167: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053061.html FEDORA-2011-0128: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053042.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 10:35:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Jan 2011 19:35:26 +0100 Subject: [SEC] [SA42942] Cisco ASA 5500 Series Multicast Traffic Denial of Service Message-ID: <201101171835.p0HIZQQn019183@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Cisco ASA 5500 Series Multicast Traffic Denial of Service SECUNIA ADVISORY ID: SA42942 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42942/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42942 RELEASE DATE: 2011-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/42942/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42942/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42942 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco ASA (Adaptive Security Appliance) 5500 Series, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when handling multicast traffic and can be exploited to exhaust certain resources (1550 blocks). The vulnerability is reported in version 8.2(4) and prior. SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 11:32:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Jan 2011 20:32:40 +0100 Subject: [SEC] [SA42897] SmoothWall Express Web Interface Two Vulnerabilities Message-ID: <201101171932.p0HJWesw009595@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SmoothWall Express Web Interface Two Vulnerabilities SECUNIA ADVISORY ID: SA42897 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42897/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42897 RELEASE DATE: 2011-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/42897/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42897/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42897 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: dave b has reported two vulnerabilities in SmoothWall Express, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input passed via the "IP" parameter to cgi-bin/ipinfo.cgi is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. cause a reboot by tricking the administrator into visiting a malicious web site. The vulnerabilities are confirmed in SmoothWall Express 3.0 SP2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: dave b ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0236.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 12:31:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Jan 2011 21:31:39 +0100 Subject: [SEC] [SA42900] Debian update for mydms Message-ID: <201101172031.p0HKVdWI032455@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for mydms SECUNIA ADVISORY ID: SA42900 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42900/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42900 RELEASE DATE: 2011-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/42900/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42900/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42900 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for mydms. This fixes a vulnerability, which can be exploited by malicious users and malicious people to disclose sensitive information. For more information: SA38237 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2146-1: http://lists.debian.org/debian-security-announce/2011/msg00010.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 13:31:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Jan 2011 22:31:32 +0100 Subject: [SEC] [SA42793] Debian update for pimd Message-ID: <201101172131.p0HLVWe9022966@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for pimd SECUNIA ADVISORY ID: SA42793 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42793/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42793 RELEASE DATE: 2011-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/42793/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42793/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42793 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for pimd. This fixes two security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA42759 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA 2147-1: http://lists.debian.org/debian-security-announce/2011/msg00011.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 14:25:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Jan 2011 23:25:09 +0100 Subject: [SEC] [SA42938] IBM WebSphere Application Server Two Vulnerabilities Message-ID: <201101172225.p0HMP9XK013209@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server Two Vulnerabilities SECUNIA ADVISORY ID: SA42938 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42938/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42938 RELEASE DATE: 2011-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/42938/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42938/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42938 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM WebSphere Application Server, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions. 1) Certain unspecified input passed to the web container can be exploited to conduct cross-site scripting attacks. For more information see vulnerability #2 in: SA42190 2) The administration console does not properly restrict access to console servlets. For more information see vulnerability #3 in: SA42136 The vulnerabilities are reported in versions prior to 7.0 Fix Pack 15 (7.0.0.15). SOLUTION: Apply APARs PM18512 and PM24372 or update to version 7.0.0.15 scheduled to be released on 7th February, 2011. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PM18512, PM24372): http://www-01.ibm.com/support/docview.wss?uid=swg27004980 http://xforce.iss.net/xforce/xfdb/64554 http://xforce.iss.net/xforce/xfdb/64558 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 14:45:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Jan 2011 23:45:55 +0100 Subject: [SEC] [SA42946] MeshCMS Cross-Site Request Forgery Vulnerability Message-ID: <201101172245.p0HMjtgJ001903@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: MeshCMS Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA42946 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42946/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42946 RELEASE DATE: 2011-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/42946/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42946/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42946 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MeshCMS, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add an administrative user by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerability is confirmed in version 3.5. Other versions may also be affected. SOLUTION: Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: mr_me ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15997 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 15:16:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 00:16:58 +0100 Subject: [SEC] [SA42909] SPIP Multiple Vulnerabilities Message-ID: <201101172316.p0HNGwTR023680@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SPIP Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42909 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42909/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42909 RELEASE DATE: 2011-01-17 DISCUSS ADVISORY: http://secunia.com/advisories/42909/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42909/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42909 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in SPIP, where some have unknown impacts and others can be exploited by malicious people to disclose potentially sensitive information. 1) Input passed via the "op" parameter to spip.php (if "page" is set to "rss" or "transmettre") is not properly verified before being used to include template files. This can be exploited to e.g. include arbitrary template files from local resources via directory traversal attacks. 2) Some vulnerabilities are caused due to a unspecified errors and have an unknown impact. SOLUTION: Update to version 2.1.8. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Arnaud Pachot 2) Matsumaya ORIGINAL ADVISORY: http://www.spip-contrib.net/SPIP-2-1-8-corrige-une-importante-faille-de-securite OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 15:48:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 00:48:31 +0100 Subject: [SEC] [SA42931] Cisco ASA 5500 Series Multiple Vulnerabilities Message-ID: <201101172348.p0HNmVFm012902@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Cisco ASA 5500 Series Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42931 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42931/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42931 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42931/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42931/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42931 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Cisco ASA (Adaptive Security Appliance) 5500 Series, which can be exploited by malicious users and malicious people to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service). 1) An error when handling EIGRP multicast traffic can be exploited to exhaust certain system resources. 2) An error when handling TELNET connections can be exploited to bypass certain access restrictions by connecting to the lowest security level interface. Successful exploitation of this vulnerability requires valid credentials. 3) An error when handling unspecified IPSEC traffic can be exploited to cause a device to crash via a high volume of traffic. 4) An error in emWEB when handling filename requests can be exploited to crash the daemon by requesting a filename containing white space characters. 5) An error when handling packets during device startup can be exploited to bypass configured access restrictions. 6) An error when handling Online Certificate Status Protocol (OCSP) connection failures can be exploited by OCSP responders to exhaust TCP sockets by rejecting connection attempts. 7) An error in the WebVPN implementation when handling CIFS connections can be exploited to access a share via certain CIFS requests. Successful exploitation of this vulnerability requires valid credentials and CIFS file browsing to be disabled. 8) An error within SMTP inspection can be exploited to bypass the inspection via prepended space characters. 9) An error when handling LDAP connections can be exploited to exhaust memory resources via invalid authentication attempts. 10) An error within SIP inspection can be exploited to crash a device via a high volume of calls (greater than 600). 11) An error in the Mobile User Security (MUS) service when handling HTTP requests from a Web Security Appliance (WSA) can be exploited to bypass authentication via a HEAD request. 12) An error when handling unspecified multicast traffic can be exploited to crash a device. 13) An error when handling LAN-to-LAN (L2L) IPSEC sessions can be exploited to crash a device via a high volume of sessions (greater than 10000). The vulnerabilities are reported in versions prior to 8.2(4) and 8.3(2). SOLUTION: Update to versions 8.2(4) and 8.3(2). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/en/US/docs/security/asa/asa82/release/notes/asarn82.html http://www.cisco.com/en/US/docs/security/asa/asa83/release/notes/asarn83.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 16:13:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 01:13:27 +0100 Subject: [SEC] [SA42893] Gentoo update for IO-Socket-SSL Message-ID: <201101180013.p0I0DROC001807@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for IO-Socket-SSL SECUNIA ADVISORY ID: SA42893 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42893/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42893 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42893/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42893/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42893 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for IO-Socket-SSL. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA35703 SOLUTION: Update to version "dev-perl/IO-Socket-SSL-1.26" or later. ORIGINAL ADVISORY: GLSA 201101-06: http://www.gentoo.org/security/en/glsa/glsa-201101-06.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 16:47:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 01:47:31 +0100 Subject: [SEC] [SA42896] Gentoo update for openafs Message-ID: <201101180047.p0I0lVMI023610@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for openafs SECUNIA ADVISORY ID: SA42896 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42896/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42896 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42896/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42896/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42896 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for openafs. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or to potentially compromise a user's system. For more information: SA34655 SOLUTION: Update to version "net-fs/openafs-1.4.9" or later. ORIGINAL ADVISORY: GLSA 201101-05: http://www.gentoo.org/security/en/glsa/glsa-201101-05.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 17:13:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 02:13:27 +0100 Subject: [SEC] [SA42933] BlackMoon FTP Server PORT Command Processing Denial of Service Message-ID: <201101180113.p0I1DRGR012595@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: BlackMoon FTP Server PORT Command Processing Denial of Service SECUNIA ADVISORY ID: SA42933 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42933/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42933 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42933/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42933/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42933 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in BlackMoon FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL-pointer dereference error when processing the FTP "PORT" command. This can be exploited to cause the FTPService.exe process to crash via an overly long string. The vulnerability is confirmed in version 3.1.7.1736. Other versions may also be affected. SOLUTION: Update to version 3.1.8.1737. PROVIDED AND/OR DISCOVERED BY: Craig Freyman ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/15986 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 17:45:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 02:45:58 +0100 Subject: [SEC] [SA42902] Debian update for libsmi Message-ID: <201101180145.p0I1jwDS001821@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for libsmi SECUNIA ADVISORY ID: SA42902 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42902/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42902 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42902/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42902/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42902 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for libsmi. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA41841 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2145-1: http://lists.debian.org/debian-security-announce/2011/msg00009.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 18:10:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 03:10:53 +0100 Subject: [SEC] [SA42906] Gentoo update for aria2 Message-ID: <201101180210.p0I2AruV023205@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for aria2 SECUNIA ADVISORY ID: SA42906 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42906/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42906 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42906/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42906/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42906 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for aria2. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA39529 SOLUTION: Update to version "net-misc/aria2-1.9.3" or later. ORIGINAL ADVISORY: GLSA 201101-04: http://www.gentoo.org/security/en/glsa/glsa-201101-04.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 18:46:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 03:46:00 +0100 Subject: [SEC] [SA42943] PHP-Fusion Teams Structure Module "team_id" SQL Injection Vulnerability Message-ID: <201101180246.p0I2k0jP012602@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PHP-Fusion Teams Structure Module "team_id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42943 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42943/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42943 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42943/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42943/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42943 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Teams Structure module for PHP-Fusion, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "team_id" parameter to infusions/teams_structure/team.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 3.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Saif El-Sherei OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 19:17:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 04:17:36 +0100 Subject: [SEC] [SA42941] IBM WebSphere MQ Invalid Message Buffer Overflow Vulnerability Message-ID: <201101180317.p0I3HaB6002272@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM WebSphere MQ Invalid Message Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42941 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42941/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42941 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42941/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42941/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42941 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere MQ, which can be exploited by malicious users to potentially compromise a vulnerable system. The vulnerability is caused due to an error while processing messages in the queue and can be exploited to cause a heap-based buffer overflow by inserting a specially crafted, invalid message. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply APAR IZ81294 or update to versions 6.0.2.11 or 7.0.1.5 when available. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IZ81294): https://www-304.ibm.com/support/docview.wss?uid=swg21254675 http://xforce.iss.net/xforce/xfdb/64550 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 19:44:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 04:44:51 +0100 Subject: [SEC] [SA42917] Cisco IOS Multiple Vulnerabilities Message-ID: <201101180344.p0I3ipqE023774@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Cisco IOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42917 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42917/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42917 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42917/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42917/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42917 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service). 1) An error when processing certain IRC traffic can be exploited to cause a device reload by accessing an IRC channel within 36 hours of a reload. 2) An error in the CME (Communication Manager Express) component when handling a SNR number change menu from an extension mobility phone can be exploited to crash the device. 3) A memory leak when processing UDP SIP REGISTER packets can be exploited to exhaust memory resources via a specially crafted SIP packet. 4) An error in the PKI implementation does not clear the public key cache for the peers when the certificate map is changed. This can be exploited to reconnect and bypass the certificate ban. 5) A memory fragmentation error in the CME (Communication Manager Express) component when handling SIP TRUNK traffic can be exploited to exhaust memory resources via specially crafted SIP packets. SOLUTION: Update to Cisco IOS version 15.0(1)XA5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/en/US/docs/ios/15_0/15_0x/15_01_XA/rn800xa.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 20:09:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 05:09:46 +0100 Subject: [SEC] [SA42908] Gentoo update for libvpx Message-ID: <201101180409.p0I49kYE012698@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for libvpx SECUNIA ADVISORY ID: SA42908 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42908/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42908 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42908/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42908/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42908 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for libvpx. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA42118 SOLUTION: Update to version "media-libs/libvpx-0.9.5" or later. ORIGINAL ADVISORY: GLSA 201101-03: http://www.gentoo.org/security/en/glsa/glsa-201101-03.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 20:23:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 05:23:48 +0100 Subject: [SEC] [SA42932] SUSE update for kernel Message-ID: <201101180423.p0I4NmOo001085@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA42932 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42932/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42932 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42932/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42932/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42932 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS. For more information: SA41263 SA41440 SA41493 SA42035 SA42094 SA42148 SA42172 SA42176 SA42187 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2011:004: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00004.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 20:44:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 05:44:48 +0100 Subject: [SEC] [SA42910] Debian update for wireshark Message-ID: <201101180444.p0I4imNh022309@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for wireshark SECUNIA ADVISORY ID: SA42910 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42910/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42910 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42910/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42910/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42910 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for wireshark. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA42767 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2144-1: http://lists.debian.org/debian-security-announce/2011/msg00008.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 21:10:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 06:10:33 +0100 Subject: [SEC] [SA42820] Gentoo update for prewikka Message-ID: <201101180510.p0I5AXV2011274@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for prewikka SECUNIA ADVISORY ID: SA42820 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42820/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42820 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42820/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42820/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42820 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for prewikka. This fixes a weakness, which can be exploited by malicious, local users to disclose potentially sensitive information. For more information: SA34928 SOLUTION: Update to version "net-analyzer/prewikka-0.9.14-r2" or later. ORIGINAL ADVISORY: GLSA 201101-07: http://www.gentoo.org/security/en/glsa/glsa-201101-07.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 17 21:24:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 06:24:08 +0100 Subject: [SEC] [SA42916] Gentoo update for tor Message-ID: <201101180524.p0I5O8NP032095@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for tor SECUNIA ADVISORY ID: SA42916 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42916/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42916 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42916/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42916/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42916 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for tor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA42536 SOLUTION: Update to version "net-misc/tor-0.2.1.28" or later. ORIGINAL ADVISORY: GLSA 201101-02: http://www.gentoo.org/security/en/glsa/glsa-201101-02.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 10:30:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 19:30:03 +0100 Subject: [SEC] [SA42953] Simploo CMS PHP Code Execution Vulnerability Message-ID: <201101181830.p0IIU3eT022908@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Simploo CMS PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA42953 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42953/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42953 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42953/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42953/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42953 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Simploo CMS, which can be exploited by malicious users to compromise a vulnerable system. Input passed via the "FTP-Server" field when editing FTP options is not properly sanitised in lib/Simploo/Config/Writer/Ini.php before being saved to the config/custom/base.ini.php file. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation requires "write" privileges to the "Admin Panel". The vulnerability is confirmed in version 1.7.1 Community Edition. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: David Vieira-Kurz, MajorSecurity OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 11:29:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 20:29:54 +0100 Subject: [SEC] [SA42955] IBM Tivoli Access Manager for e-business Directory Traversal Vulnerability Message-ID: <201101181929.p0IJTsYi013412@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM Tivoli Access Manager for e-business Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA42955 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42955/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42955 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42955/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42955/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42955 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM Tivoli Access Manager for e-business, which can be exploited by malicious people to disclose sensitive information. Certain unspecified input passed to the WebSEAL server is not properly verified before being used to read files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks. This may be related to: SA42727 The vulnerability is reported in versions 6.1.0.5, 6.0.0.253, and 5.1.0 running on AIX, Linux, Solaris, and Windows. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www-01.ibm.com/support/docview.wss?uid=swg21459999 http://www-01.ibm.com/support/docview.wss?uid=swg24028860 http://www-01.ibm.com/support/docview.wss?uid=swg24028861 http://www-01.ibm.com/support/docview.wss?uid=swg24025790 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 12:29:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 21:29:36 +0100 Subject: [SEC] [SA42905] Debian update for tor Message-ID: <201101182029.p0IKTanH003904@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for tor SECUNIA ADVISORY ID: SA42905 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42905/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42905 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42905/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42905/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42905 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for tor. This fixes a weakness and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA42907 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2148-1: http://www.us.debian.org/security/2011/dsa-2148 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 13:31:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 22:31:50 +0100 Subject: [SEC] [SA42915] Geeklog Forum Plugin Script Insertion Vulnerability Message-ID: <201101182131.p0ILVob9026926@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Geeklog Forum Plugin Script Insertion Vulnerability SECUNIA ADVISORY ID: SA42915 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42915/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42915 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42915/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42915/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42915 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Forum plugin for Geeklog, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified parameters passed via BBcode tags is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is reported in versions prior to 2.7.4. SOLUTION: Update to version 2.7.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits Saif El-Shere. ORIGINAL ADVISORY: http://www.geeklog.net/article.php/forum-2.7.4 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 14:24:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 23:24:08 +0100 Subject: [SEC] [SA42937] Kingsoft Antivirus 2011 "kisknl.sys" Driver Denial of Service Message-ID: <201101182224.p0IMO88l017092@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Kingsoft Antivirus 2011 "kisknl.sys" Driver Denial of Service SECUNIA ADVISORY ID: SA42937 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42937/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42937 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42937/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42937/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42937 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Kingsoft Antivirus 2011, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling system service calls in the "kisknl.sys" driver and can be exploited to cause a page fault error in the kernel and crash the system. The vulnerability is confirmed in version 2011 SP5.2.01141 (kisknl.sys 2011.1.13.89). Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: MJ0011 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 14:45:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Jan 2011 23:45:00 +0100 Subject: [SEC] [SA42957] Rocomotion Products Script Insertion Vulnerability Message-ID: <201101182245.p0IMj0wJ005856@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Rocomotion Products Script Insertion Vulnerability SECUNIA ADVISORY ID: SA42957 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42957/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42957 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42957/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42957/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42957 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Rocomotion products, which can be exploited by malicious people to conduct script insertion attacks. Certain unspecified input is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Please see the vendor's advisory for the list of affected software. SOLUTION: Updated to a patched version. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: JVN credits Saeki Tominaga, KINOTROPE. ORIGINAL ADVISORY: Rocomotion: http://another.rocomotion.jp/12949466953653.html JVN: http://jvn.jp/en/jp/JVN09115481/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000006.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 15:17:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 00:17:01 +0100 Subject: [SEC] [SA42930] Red Hat update for exim Message-ID: <201101182317.p0INH1sV027514@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for exim SECUNIA ADVISORY ID: SA42930 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42930/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42930 RELEASE DATE: 2011-01-18 DISCUSS ADVISORY: http://secunia.com/advisories/42930/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42930/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42930 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for exim. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges. The weakness is caused due to the "exim" user being able to load specially crafted configuration files, which can be exploited to execute arbitrary commands as the "root" user via the "${run }" command. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011-0153: http://rhn.redhat.com/errata/RHSA-2011-0153.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 15:48:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 00:48:42 +0100 Subject: [SEC] [SA42945] BetMore Site Suite "bid" SQL Injection Vulnerability Message-ID: <201101182348.p0INmgbY016853@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: BetMore Site Suite "bid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42945 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42945/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42945 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42945/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42945/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42945 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BetMore Site Suite, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "bid" parameter to mainx_a.php (when "x" and "xid" are set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: BorN To K!LL - h4ck3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 16:14:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 01:14:51 +0100 Subject: [SEC] [SA42956] HPLIP SNMP Response Processing Buffer Overflow Vulnerability Message-ID: <201101190014.p0J0EplF005860@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: HPLIP SNMP Response Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42956 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42956/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42956 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42956/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42956/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42956 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HPLIP, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the "hpmud_get_pml()" function (io/hpmud/pml.c) when using certain tools to discover devices using SNMP. This can be exploited to cause a stack-based buffer overflow by returning a specially crafted SNMP response. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 3.10.9. Other versions may also be affected. SOLUTION: Do not use SNMP-based command line tools. PROVIDED AND/OR DISCOVERED BY: Sebastian Krahmer, SuSE Security Team. ORIGINAL ADVISORY: https://bugzilla.novell.com/show_bug.cgi?id=336658 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 16:49:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 01:49:00 +0100 Subject: [SEC] [SA42907] Tor Multiple Vulnerabilities Message-ID: <201101190049.p0J0n0uh027624@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Tor Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42907 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42907/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42907 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42907/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42907/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42907 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and two vulnerabilities have been reported in Tor, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. 1) An unspecified error can be exploited to cause a heap-based memory corruption. 2) An error within the handling of zlib-compressed data can be exploited to cause a DoS by sending specially crafted compressed data. 3) Various functions do not properly clear keys from memory before freeing them, which may lead to the disclosure of the keys. The weakness and the vulnerabilities are reported in versions prior to 0.2.1.29. SOLUTION: Update to version 0.2.1.29. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) debuger 2) doorss 3) cypherpunks ORIGINAL ADVISORY: http://blog.torproject.org/blog/tor-02129-released-security-patches 2) https://trac.torproject.org/projects/tor/ticket/2324 3) https://trac.torproject.org/projects/tor/ticket/2384 https://trac.torproject.org/projects/tor/ticket/2385 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 18 17:18:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 02:18:11 +0100 Subject: [SEC] [SA42939] Red Hat update for hplip Message-ID: <201101190118.p0J1IB0I016762@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for hplip SECUNIA ADVISORY ID: SA42939 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42939/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42939 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42939/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42939/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42939 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA42956 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0154-1: https://rhn.redhat.com/errata/RHSA-2011-0154.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 10:30:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 19:30:14 +0100 Subject: [SEC] [SA42948] Apache Derby "BUILTIN" Authentication Scheme Security Issue Message-ID: <201101191830.p0JIUEL0019170@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Apache Derby "BUILTIN" Authentication Scheme Security Issue SECUNIA ADVISORY ID: SA42948 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42948/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42948 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42948/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42948/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42948 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Marcell Major has reported a security issue in Apache Derby, which can be exploited by malicious people to bypass certain security features. The security issue is caused due to improper transformation used in the "BUILTIN" authentication functionality, which reduces the size of the set of input passed to SHA-1 when generating password hashes. This makes it easier to crack passwords via hash collisions. SOLUTION: Update to version 10.6.1.0 or later. PROVIDED AND/OR DISCOVERED BY: Marcell Major ORIGINAL ADVISORY: Apache Derby: http://old.nabble.com/-ANNOUNCE--Apache-Derby-10.6.1.0-released-td28610453.html https://issues.apache.org/jira/browse/DERBY-4483 Marcell Major: http://marcellmajor.com/derbyhash.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 11:29:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 20:29:58 +0100 Subject: [SEC] [SA42926] Oracle Solaris Adobe Flash Player Multiple Vulnerabilities Message-ID: <201101191929.p0JJTwE9009684@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Adobe Flash Player Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42926 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42926/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42926 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42926/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42926/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42926 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged multiple vulnerabilities in Solaris, which can be exploited by malicious people to disclose sensitive information, bypass certain security restrictions, or compromise a user's system. For more information: SA41917 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_adobe_flash1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 12:30:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 21:30:02 +0100 Subject: [SEC] [SA42972] MyProxy Certificate Validation Security Issue Message-ID: <201101192030.p0JKU2r4032601@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: MyProxy Certificate Validation Security Issue SECUNIA ADVISORY ID: SA42972 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42972/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42972 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42972/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42972/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42972 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in MyProxy, which can be exploited by malicious people to conduct spoofing attacks. The security issue is caused due to the "myproxy-logon" application improperly verifying the validity of the server's certificate. This can be exploited to spoof a valid server and obtain the user's password via e.g. a man-in-the-middle (MitM) attack. The security issue is reported in version 5.0 through 5.2. SOLUTION: Update to version 5.3. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://lists.globus.org/pipermail/security-announce/2011-January/000018.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 13:30:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 22:30:52 +0100 Subject: [SEC] [SA42987] Sun Java Communications Suite Convergence Webmail Vulnerability Message-ID: <201101192130.p0JLUqo0023161@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sun Java Communications Suite Convergence Webmail Vulnerability SECUNIA ADVISORY ID: SA42987 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42987/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42987 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42987/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42987/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42987 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sun Java Communications Suite, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data. The vulnerability is caused due to an unspecified error in the Convergence Webmail component and can be exploited to disclose and manipulate certain data. The vulnerability is reported in Convergence version 1.0. SOLUTION: Apply patch (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 14:24:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 23:24:54 +0100 Subject: [SEC] [SA42936] Red Hat update for mysql Message-ID: <201101192224.p0JMOsXI013403@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for mysql SECUNIA ADVISORY ID: SA42936 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42936/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42936 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42936/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42936/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42936 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for mysql. This fixes some vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA41048 SA41716 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0164-1: https://rhn.redhat.com/errata/RHSA-2011-0164.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 14:46:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Jan 2011 23:46:43 +0100 Subject: [SEC] [SA42984] Oracle Solaris Multiple Vulnerabilities Message-ID: <201101192246.p0JMkhCr002158@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42984 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42984/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42984 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42984/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42984/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42984 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Solaris, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to disclose system information, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) An unspecified error in the CDE Calendar Manager Service daemon can be exploited to potentially execute arbitrary code via specially crafted RPC packets. 2) An unspecified error in the FTP server can be exploited to cause a DoS. 3) An unspecified error in a Ethernet driver can be exploited to disclose certain system information. 4) An unspecified error in the kernel NFS component can be exploited to cause a DoS. 5) An unspecified error in the kernel can be exploited by local users to cause a DoS. 6) A second unspecified error in the kernel can be exploited by local users to cause a DoS. 7) An unspecified error in the Standard C Library (libc) can be exploited by local users to gain escalated privileges. 8) An unspecified error in the Fault Manager daemon can be exploited by local users to gain escalated privileges. 9) An unspecified error in the XScreenSaver component can be exploited by local users to gain escalated privileges. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 15:16:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 00:16:17 +0100 Subject: [SEC] [SA42986] Oracle OpenSSO / Sun Java System Access Manager Data Manipulation Vulnerability Message-ID: <201101192316.p0JNGHTt023760@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle OpenSSO / Sun Java System Access Manager Data Manipulation Vulnerability SECUNIA ADVISORY ID: SA42986 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42986/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42986 RELEASE DATE: 2011-01-19 DISCUSS ADVISORY: http://secunia.com/advisories/42986/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42986/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42986 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle OpenSSO / Sun Java System Access Manager, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, or cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error and can be exploited to perform unauthorised insertion, deletion, or updating of certain data. The vulnerability is reported in the following products: * Oracle OpenSSO version 8. * Sun Java System Access Manager versions 7 and 7.1. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 15:48:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 00:48:51 +0100 Subject: [SEC] [SA42993] Oracle Transportation Manager Information Disclosure Vulnerability Message-ID: <201101192348.p0JNmpin013144@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Transportation Manager Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA42993 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42993/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42993 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42993/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42993/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42993 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Transportation Manager, which can be exploited by malicious users to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error in the UI Infrastructure component. The vulnerability is reported in versions 5.5, 6.0, 6.1, and 6.2. SOLUTION: Apply patch (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 16:13:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 01:13:47 +0100 Subject: [SEC] [SA42970] Oracle Health Sciences - InForm Authentication Scheme Security Issue Message-ID: <201101200013.p0K0DlUU002051@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Health Sciences - InForm Authentication Scheme Security Issue SECUNIA ADVISORY ID: SA42970 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42970/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42970 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42970/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42970/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42970 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a security issue in Oracle Health Sciences - InForm, which can be exploited by malicious people to bypass certain security features. For more information: SA42948 The security issue is reported in versions 4.5, 4.6, and 5.0. SOLUTION: Apply patches (please see the vendor's advisory for details). ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 16:48:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 01:48:05 +0100 Subject: [SEC] [SA42988] Sun GlassFish Enterprise Server / Sun Java System Message Queue Privilege Escalation Message-ID: <201101200048.p0K0m5kh023870@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sun GlassFish Enterprise Server / Sun Java System Message Queue Privilege Escalation SECUNIA ADVISORY ID: SA42988 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42988/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42988 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42988/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42988/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42988 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sun GlassFish Enterprise Server and Sun Java System Message Queue, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an unspecified error in the Java Message Service (JMS) component. No further information is currently available. The vulnerability is reported in the following products: * Sun GlassFish Enterprise Server versions 2.1, 2.1.1, and 3.0.1. * Sun Java System Message Queue version 4.1. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 17:14:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 02:14:56 +0100 Subject: [SEC] [SA42968] Fedora update for sudo Message-ID: <201101200114.p0K1Eubs012895@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for sudo SECUNIA ADVISORY ID: SA42968 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42968/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42968 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42968/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42968/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42968 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for sudo. This fixes a security issue and a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA33753 SA42886 SOLUTION: Apply updated packages via the yum utility ("yum update sudo"). ORIGINAL ADVISORY: FEDORA-2011-0470: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053263.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 17:46:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 02:46:05 +0100 Subject: [SEC] [SA42921] Oracle Enterprise Manager Grid Control JSP Code Execution Vulnerability Message-ID: <201101200146.p0K1k52i002066@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Enterprise Manager Grid Control JSP Code Execution Vulnerability SECUNIA ADVISORY ID: SA42921 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42921/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42921 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42921/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42921/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42921 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Enterprise Manager Grid Control, which can be exploited by malicious people to compromise a vulnerable system. Input passed via an unspecified POST parameter to a certain JSP script within the "Client System Analyzer" component when uploading XML files is not properly sanitised before being used to create a XML file. This can be exploited to upload and execute arbitrary JSP code by supplying a NULL byte within the request. The vulnerability is reported in Oracle Enterprise Manager Suite Release 10, version 10.2.0.5. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1c239c43f521145fa8385d64a9c32243 via ZDI. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-018/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 18:11:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 03:11:01 +0100 Subject: [SEC] [SA42990] Sun Java System Communications Express Web Mail Two Vulnerabilities Message-ID: <201101200211.p0K2B1th023452@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sun Java System Communications Express Web Mail Two Vulnerabilities SECUNIA ADVISORY ID: SA42990 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42990/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42990 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42990/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42990/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42990 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Sun Java System Communications Express, which can be exploited by malicious people to manipulate certain data. 1) An unspecified error in the "Web Mail" component can be exploited to gain update, insert, or delete access to some accessible data. 2) Another unspecified vulnerability in the "Web Mail" component can be exploited to gain update, insert, or delete access to some accessible data. The vulnerabilities are reported in versions 6.2 and 6.3. SOLUTION: Apply patch (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 18:46:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 03:46:19 +0100 Subject: [SEC] [SA42969] Fedora update for subversion Message-ID: <201101200246.p0K2kJjp012851@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for subversion SECUNIA ADVISORY ID: SA42969 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42969/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42969 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42969/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42969/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42969 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for subversion. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA42780 SOLUTION: Apply updated packages via the yum utility ("yum update subversion"). ORIGINAL ADVISORY: FEDORA-2011-0099: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053230.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 19:13:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 04:13:32 +0100 Subject: [SEC] [SA42895] Oracle Database Multiple Vulnerabilities Message-ID: <201101200313.p0K3DWg5002331@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Database Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42895 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42895/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42895 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42895/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42895/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42895 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Database, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and gain escalated privileges, by malicious users and malicious people to disclose potentially sensitive information, manipulate certain data, and by malicious people to compromise a vulnerable system. 1) An input sanitisation error exists in the Enterprise Manager Grid Control. For more information see vulnerability #1: SA42921 2) An unspecified error in the "Cluster Verify Utility" component can be exploited by local users to gain escalated privileges. NOTE: This vulnerability affects the Windows platforms only. 3) An unspecified error in the "Database Vault" component can be exploited to gain read, insert, and delete access to a subset of accessible data by the component and perform an unauthorized update. 4) An unspecified error in the "Oracle Spatial" component can be exploited by authenticated users to gain read, insert, and delete access to all accessible data by the component and perform an unauthorized update. Successful exploitation of this vulnerability requires "Execute on MDSYS procedures" privileges. 5) An unspecified error in the "Scheduler Agent" component can be exploited by authenticated users to gain read, insert, and delete access to a subset of accessible data by the component and perform an unauthorized update. Successful exploitation of this vulnerability requires "Valid User" privileges and multiple authentications. 6) An unspecified error in the "Database Vault" component can be exploited by local users to gain read, insert, and delete access to a subset of accessible data by the component and perform an unauthorized update. The vulnerabilities are reported in the following products: * Oracle Database 11g Release 2, version 11.2.0.1. * Oracle Database 11g Release 1, version 11.1.0.7. * Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, and 10.2.0.5. * Oracle Database 10g Release 1, version 10.1.0.5. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 19:44:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 04:44:48 +0100 Subject: [SEC] [SA42911] Ubuntu update for dbus Message-ID: <201101200344.p0K3imxD024006@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for dbus SECUNIA ADVISORY ID: SA42911 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42911/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42911 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42911/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42911/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42911 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA42580 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1044-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001229.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 20:09:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 05:09:14 +0100 Subject: [SEC] [SA42978] Oracle Beehive JSP Code Execution Vulnerability Message-ID: <201101200409.p0K49E3D012920@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Beehive JSP Code Execution Vulnerability SECUNIA ADVISORY ID: SA42978 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42978/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42978 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42978/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42978/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42978 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Beehive, which can be exploited by malicious people to compromise a vulnerable system. Input passed via an evaluation parameter to voice-servlet/prompt-qa/Index.jspf is not properly sanitised before being used to create a file. This can be exploited to execute arbitrary JSP code by creating an arbitrary file via a NULL byte supplies within the filename. The vulnerability is reported in versions 2.0.1.0, 2.0.1.1, 2.0.1.2, 2.0.1.2.1, and 2.0.1.3. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1c239c43f521145fa8385d64a9c32243 via ZDI. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-020/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 20:23:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 05:23:26 +0100 Subject: [SEC] [SA42985] Oracle VirtualBox Unspecified Privilege Escalation Vulnerability Message-ID: <201101200423.p0K4NQXZ001310@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle VirtualBox Unspecified Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA42985 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42985/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42985 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42985/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42985/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42985 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle VirtualBox, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in version 4.0. SOLUTION: Apply patch (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 20:45:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 05:45:09 +0100 Subject: [SEC] [SA42922] Oracle E-Business Suite Two Vulnerabilities Message-ID: <201101200445.p0K4j9vL022561@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle E-Business Suite Two Vulnerabilities SECUNIA ADVISORY ID: SA42922 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42922/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42922 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42922/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42922/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42922 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Oracle E-Business Suite , which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data. 1) An unspecified error in the Oracle Common Applications User Management component can be exploited to gain insert and delete access to a subset of accessible data by the component and perform an unauthorized update. 2) An unspecified error in the Oracle Application Object Library Logout component can be exploited to gain read, insert and delete access to a subset of accessible data by the component and perform an unauthorized update. The vulnerabilities are reported in the following products: * Oracle E-Business Suite Release 12 versions 12.0.4, 12.0.5, 12.0.6, 12.1.1, 12.1.2, and 12.1.3. * Oracle E-Business Suite Release 11i version 11.5.10.2. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 21:10:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 06:10:23 +0100 Subject: [SEC] [SA42964] Red Hat update for kernel Message-ID: <201101200510.p0K5AN2e011505@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA42964 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42964/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42964 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42964/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42964/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42964 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "sctp_icmp_proto_unreachable()" function in net/sctp/input.c and can be exploited to cause a crash. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0163-1: https://rhn.redhat.com/errata/RHSA-2011-0163.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 21:23:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 06:23:39 +0100 Subject: [SEC] [SA42967] Joomla! allCineVid Component "id" SQL Injection Vulnerability Message-ID: <201101200523.p0K5NdsL032321@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Joomla! allCineVid Component "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42967 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42967/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42967 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42967/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42967/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42967 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the allCineVid component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to index.php (when "option" is set to "com_allcinevid" and "tmpl" is set to e.g. "component") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.0.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Salvatore Fresta ORIGINAL ADVISORY: Salvatore Fresta: http://adv.salvatorefresta.net/allCineVid_Joomla_Component_1.0.0_Blind_SQL_Injection_Vulnerability-18012011.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 21:45:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 06:45:31 +0100 Subject: [SEC] [SA42983] Globus Toolkit MyProxy Certificate Validation Security Issue Message-ID: <201101200545.p0K5jVq2021109@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Globus Toolkit MyProxy Certificate Validation Security Issue SECUNIA ADVISORY ID: SA42983 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42983/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42983 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42983/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42983/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42983 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Globus Toolkit, which can be exploited by malicious people to conduct spoofing attacks. The security issue is caused due to the toolkit including a vulnerable version of MyProxy. For more information: SA42972 The security issue is reported in Globus Toolkit versions 5.0.0 through 5.0.2. Other versions may also be affected. SOLUTION: Manually update to MyProxy version 5.3. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://lists.globus.org/pipermail/security-announce/2011-January/000018.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 19 22:11:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 07:11:08 +0100 Subject: [SEC] [SA42918] Oracle Secure Backup mod_ssl Unauthorised Data Manipulation Vulnerability Message-ID: <201101200611.p0K6B7V1010077@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Secure Backup mod_ssl Unauthorised Data Manipulation Vulnerability SECUNIA ADVISORY ID: SA42918 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42918/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42918 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42918/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42918/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42918 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Secure Backup, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to an unspecified error in the mod_ssl component and can be exploited to perform unauthorised insertion, deletion, or updating of certain mod_ssl accessible data. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 10:31:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 19:31:49 +0100 Subject: [SEC] [SA42996] Innominate mGuard Multiple Vulnerabilities Message-ID: <201101201831.p0KIVnDG031239@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Innominate mGuard Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42996 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42996/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42996 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42996/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42996/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42996 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Innominate has acknowledged multiple vulnerabilities in Innominate mGuard, which can be exploited by malicious, local users to potentially gain escalated privileges and by malicious people to conduct spoofing attacks, manipulate certain data, and compromise a vulnerable system. For more information: SA33338 SA34608 SA37233 SA37291 The vulnerabilities are reported in versions prior to 5.1.6, prior to 6.1.5, and prior to 7.0.2. SOLUTION: Update to version 5.1.6, 6.1.5, and 7.0.2 or later. ORIGINAL ADVISORY: http://www.innominate.com/data/downloads/manuals/releasenotes_mguard_615_en.pdf http://www.innominate.com/data/downloads/manuals/releasenotes_mguard_516_en.pdf http://www.innominate.com/data/downloads/manuals/releasenotes_mguard_721_en.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 11:37:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 20:37:49 +0100 Subject: [SEC] [SA42952] Ruby Version Manager Escape Sequences Security Issue Message-ID: <201101201937.p0KJbnGW016165@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ruby Version Manager Escape Sequences Security Issue SECUNIA ADVISORY ID: SA42952 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42952/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42952 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42952/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42952/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42952 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Ruby Version Manager, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the application not properly processing the escape sequences while opening certain files. This can be exploited to execute arbitrary commands by tricking a user into opening a maliciously crafted file. The security issue is reported in versions prior to 1.2.1. SOLUTION: Update to version 1.2.1 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://jvn.jp/en/jp/JVN30414126/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000005.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 12:31:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 21:31:56 +0100 Subject: [SEC] [SA42947] acpid Socket Blocking Denial of Service Message-ID: <201101202031.p0KKVuOh006419@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: acpid Socket Blocking Denial of Service SECUNIA ADVISORY ID: SA42947 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42947/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42947 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42947/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42947/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42947 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in acpid, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The security issue is caused due to the daemon using a socket in blocking mode to communicate with unprivileged programs, which can be exploited to cause the daemon to hang. The security issue is reported in version 1.0.10. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Vasiliy Kulikov ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/01/19/4 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 13:31:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 22:31:08 +0100 Subject: [SEC] [SA42997] HP OpenView Storage Data Protector Unspecified Code Execution Vulnerability Message-ID: <201101202131.p0KLV8AX029285@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: HP OpenView Storage Data Protector Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA42997 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42997/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42997 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42997/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42997/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42997 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error. No further information is currently available. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 6.11 running on HP-UX, Solaris, Linux and Windows. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous researcher via ZDI and Abdul Aziz Hariri, ThirdEyeTesters. ORIGINAL ADVISORY: HPSBMA02625 SSRT100138: https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02688353 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 14:25:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 23:25:16 +0100 Subject: [SEC] [SA42980] Drupal Janrain Engage Module Arbitrary File Upload Vulnerability Message-ID: <201101202225.p0KMPGdh019535@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Drupal Janrain Engage Module Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA42980 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42980/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42980 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42980/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42980/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42980 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Janrain Engage module for Drupal, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to the application allowing users to upload arbitrary files via profile image upload functionality. This can be exploited to e.g. execute arbitrary PHP code by uploading a PHP file. The vulnerability is reported in versions prior to 6.x-1.4. SOLUTION: Update to version 6.x-1.4. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Greg Dunlap (heyrocker) ORIGINAL ADVISORY: SA-CONTRIB-2011-003: http://drupal.org/node/1033154 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 14:46:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Jan 2011 23:46:09 +0100 Subject: [SEC] [SA42965] Ubuntu update for fuse Message-ID: <201101202246.p0KMk9Jn008283@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for fuse SECUNIA ADVISORY ID: SA42965 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42965/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42965 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42965/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42965/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42965 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for fuse. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA42961 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1045-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001230.html USN-1045-2: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001231.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 15:16:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 00:16:49 +0100 Subject: [SEC] [SA42998] Perl Convert::UUlib Module "UURepairData()" Off-by-One Weakness Message-ID: <201101202316.p0KNGnGW029879@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Perl Convert::UUlib Module "UURepairData()" Off-by-One Weakness SECUNIA ADVISORY ID: SA42998 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42998/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42998 RELEASE DATE: 2011-01-20 DISCUSS ADVISORY: http://secunia.com/advisories/42998/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42998/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42998 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in the Convert::UUlib module for Perl, which can potentially be exploited by malicious people to potentially cause a DoS (Denial of Service) . The weakness is caused due to an off-by-one error in the "UURepairData()" function (uulib/uunconc.c) when handling a incomplete uuencoded string. This can be exploited to write a single NULL byte outside the bounds of a heap-based buffer in an application using the vulnerable library. The weakness is reported in versions prior to 1.34. SOLUTION: Update to version 1.34. PROVIDED AND/OR DISCOVERED BY: The vendor credits Marco Walther. ORIGINAL ADVISORY: http://cpansearch.perl.org/src/MLEHMANN/Convert-UUlib-1.34/Changes OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 15:47:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 00:47:35 +0100 Subject: [SEC] [SA42961] FUSE "fusermount" Arbitrary Unmount Security Issue Message-ID: <201101202347.p0KNlZcC019170@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: FUSE "fusermount" Arbitrary Unmount Security Issue SECUNIA ADVISORY ID: SA42961 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42961/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42961 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42961/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42961/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42961 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in FUSE, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The security issue is caused due an error within the "fusermount" utility when performing unmount operations, which can be exploited to e.g. unmount arbitrary mounts via symlink attacks. The security issue is reported in version 2.8.5. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: halfdog ORIGINAL ADVISORY: http://www.halfdog.net/Security/FuseTimerace/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 16:14:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 01:14:23 +0100 Subject: [SEC] [SA43002] Fedora update for java-1.6.0-openjdk Message-ID: <201101210014.p0L0ENHD008211@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for java-1.6.0-openjdk SECUNIA ADVISORY ID: SA43002 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43002/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43002 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43002/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43002/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43002 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for java-1.6.0-openjdk. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the "JNLPSecurityManager" class not properly enforcing security policies, which can be exploited to e.g. execute arbitrary code by tricking a user into opening a specially crafted website. SOLUTION: Apply updated packages via the yum utility ("yum update java-1.6.0-openjdk"). PROVIDED AND/OR DISCOVERED BY: Independently discovered by Omar Majid and an anonymous reporter via ZDI. ORIGINAL ADVISORY: FEDORA-2011-0500: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053288.html FEDORA-2011-0521: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053276.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 16:48:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 01:48:15 +0100 Subject: [SEC] [SA42958] IBM WebSphere MQ Message Header Buffer Overflow Vulnerability Message-ID: <201101210048.p0L0mF4U029935@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM WebSphere MQ Message Header Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42958 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42958/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42958 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42958/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42958/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42958 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere MQ, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error while processing messages and can be exploited to cause a buffer overflow by sending a specially crafted message header. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply APAR IZ77607 or update to version 7.0.1.4 when available. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IZ77607): https://www-304.ibm.com/support/docview.wss?uid=swg1SE45551 https://www-304.ibm.com/support/docview.wss?uid=swg21254675 http://xforce.iss.net/xforce/xfdb/64628 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 17:14:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 02:14:33 +0100 Subject: [SEC] [SA42950] Contents-Mall Unspecified Password Handling Vulnerability Message-ID: <201101210114.p0L1EX6d018938@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Contents-Mall Unspecified Password Handling Vulnerability SECUNIA ADVISORY ID: SA42950 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42950/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42950 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42950/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42950/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42950 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Contents-Mall, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an unspecified error and can be exploited to disclose an administrative password. No further information is currently available. The vulnerability is reported in version 14.00 and prior. SOLUTION: Upgrade to version 15.00. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://mag.wb-i.net/2010_05_07.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 17:45:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 02:45:51 +0100 Subject: [SEC] [SA43001] Fedora update for perl-Convert-UUlib Message-ID: <201101210145.p0L1jpeT008154@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for perl-Convert-UUlib SECUNIA ADVISORY ID: SA43001 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43001/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43001 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43001/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43001/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43001 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for perl-Convert-UUlib. This fixes a weakness, which can potentially be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA42998 SOLUTION: Apply updated packages via the yum utility ("yum update perl-Convert-UUlib"). ORIGINAL ADVISORY: FEDORA-2011-0062: https://admin.fedoraproject.org/updates/perl-Convert-UUlib-1.34-1.fc13 FEDORA-2011-0052: https://admin.fedoraproject.org/updates/perl-Convert-UUlib-1.34-1.fc14 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 18:10:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 03:10:49 +0100 Subject: [SEC] [SA43000] Fedora update for wordpress Message-ID: <201101210210.p0L2An17029494@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for wordpress SECUNIA ADVISORY ID: SA43000 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43000/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43000 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43000/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43000/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43000 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wordpress. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks. For more information: SA42755 SOLUTION: Apply updated packages via the yum utility ("yum update wordpress"). ORIGINAL ADVISORY: FEDORA-2011-0306: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053293.html FEDORA-2011-0315: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053289.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 18:45:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 03:45:44 +0100 Subject: [SEC] [SA42962] IBM AIX FC SCSI Protocol Driver Denial of Service Vulnerability Message-ID: <201101210245.p0L2ji4m018869@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM AIX FC SCSI Protocol Driver Denial of Service Vulnerability SECUNIA ADVISORY ID: SA42962 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42962/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42962 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42962/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42962/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42962 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM AIX, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the FC SCSI protocol driver when deallocating a timer and can be exploited to cause a crash. The vulnerability is reported in IBM AIX 6.1. SOLUTION: Apply APAR IZ92478. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IZ92478): http://www.ibm.com/support/docview.wss?uid=isg1IZ92478 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 19:18:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 04:18:35 +0100 Subject: [SEC] [SA42982] Oracle PeopleSoft Enterprise HRMS Multiple Vulnerabilities Message-ID: <201101210318.p0L3IZOx008644@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle PeopleSoft Enterprise HRMS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42982 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42982/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42982 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42982/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42982/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42982 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Oracle PeopleSoft Enterprise HRMS, which can be exploited by malicious users to disclose sensitive information and manipulate certain data. 1) An unspecified error in the "Talent Acquisition Manager" component can be exploited to gain read, update, insert, or delete access to certain data. 2) An unspecified error in the "ePerformance" component can be exploited to gain read, update, insert, or delete access to certain data. 3) An unspecified error in the "Absence Management" component can be exploited to disclose certain data. 4) Another unspecified error in the "Absence Management" component can be exploited to disclose certain data. 5) An unspecified error in the "eProfile - Manager Desktop" component can be exploited to disclose certain data. 6) Another unspecified error in the "Talent Acquisition Manager" component can be exploited to disclose certain data. The vulnerabilities are reported in Oracle PeopleSoft Enterprise HRMS versions 8.9, 9.0, and 9.1. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 19:46:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 04:46:24 +0100 Subject: [SEC] [SA42919] Oracle Audit Vault av.action Insufficient Parameter Validation Vulnerability Message-ID: <201101210346.p0L3kOnP030099@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Audit Vault av.action Insufficient Parameter Validation Vulnerability SECUNIA ADVISORY ID: SA42919 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42919/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42919 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42919/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42919/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42919 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Audit Vault, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to insufficient parameter validation in the "av" component when handling action.execute requests and can be exploited to execute arbitrary code via a specially crafted request to the service (default port 5700/TCP). SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1c239c43f521145fa8385d64a9c32243 via ZDI. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-017/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 20:11:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 05:11:45 +0100 Subject: [SEC] [SA42963] Red Hat update for kernel Message-ID: <201101210411.p0L4BjQA019064@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA42963 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42963/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42963 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42963/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42963/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42963 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), disclose potentially sensitive information, and gain escalated privileges. For more information: SA41440 SA41493 SA42035 SA42061 SA42187 SA42354 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0162-1: http://rhn.redhat.com/errata/RHSA-2011-0162.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 20:45:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 05:45:53 +0100 Subject: [SEC] [SA42935] Asterisk "ast_uri_encode()" Buffer Overflow Vulnerability Message-ID: <201101210445.p0L4jrnj008416@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Asterisk "ast_uri_encode()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42935 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42935/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42935 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42935/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42935/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42935 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Asterisk, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error within the "ast_uri_encode()" function in main/utils.c. This can be exploited to e.g. cause a stack-based buffer overflow by sending specially crafted caller ID information. Successful exploitation may require that the SIP channel driver is configured with the "pedantic" option enabled. The vulnerability is reported in Asterisk Open Source Edition prior to versions 1.4.38.1, 1.4.39.1, 1.6.1.21, 1.6.2.15.1, 1.6.2.16.1, 1.8.1.2, and 1.8.2.1 and Asterisk Business Edition prior to version C.3.6.2. SOLUTION: Update to a fixed version or apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: AST-2011-001: http://downloads.asterisk.org/pub/security/AST-2011-001.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 21:11:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 06:11:43 +0100 Subject: [SEC] [SA42925] Oracle Argus Safety Unspecified LDAP Login Vulnerability Message-ID: <201101210511.p0L5BhSw029788@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Argus Safety Unspecified LDAP Login Vulnerability SECUNIA ADVISORY ID: SA42925 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42925/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42925 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42925/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42925/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42925 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Health Sciences - Oracle Argus Safety, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error in the LDAP login handling. No more information is currently available. The vulnerability is reported in versions 5.0, 5.0.1, 5.0.2, and 5.0.3. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 21:46:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 06:46:00 +0100 Subject: [SEC] [SA42973] Oracle Real User Experience Insight SQL Injection Vulnerability Message-ID: <201101210546.p0L5k0WD019131@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Real User Experience Insight SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42973 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42973/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42973 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42973/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42973/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42973 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Real User Experience Insight, which can be exploited by malicious people to conduct SQL injection attacks. Certain input is not properly sanitised in "rsynclogdird" process when parsing log files. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code when input is inserted into a UTF-8 database. The vulnerability is reported in version 6.0. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1c239c43f521145fa8385d64a9c32243, reported via ZDI. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-016/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 20 22:11:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 07:11:02 +0100 Subject: [SEC] [SA42927] Oracle Open Office Two Vulnerabilities Message-ID: <201101210611.p0L6B2NX008074@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Open Office Two Vulnerabilities SECUNIA ADVISORY ID: SA42927 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42927/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42927 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/42927/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42927/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42927 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Open Office / StarOffice, which can be exploited by malicious people to compromise a user's system. For more information: SA40775 The vulnerabilities are reported in Open Office version 3.2.1 and StarOffice/StarSuite versions 7 and 8. Other versions may also be affected. SOLUTION: Apply updates (please see the vendor's advisory for details). ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 10:31:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 19:31:02 +0100 Subject: [SEC] [SA43018] HP Business Service Management Cross-Site Scripting Vulnerability Message-ID: <201101211831.p0LIV2PV029180@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: HP Business Service Management Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43018 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43018/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43018 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43018/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43018/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43018 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Business Service Management, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA43014 The vulnerability is reported in version 9.01 and earlier running on Windows. SOLUTION: Apply patch BAC_00698. PROVIDED AND/OR DISCOVERED BY: The vendor credits Daniel Frye. ORIGINAL ADVISORY: HPSBMA02622 SSRT100342: http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02678501 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 11:30:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 20:30:43 +0100 Subject: [SEC] [SA43015] HP-UX update for Kerberos Message-ID: <201101211930.p0LJUhHS019657@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: HP-UX update for Kerberos SECUNIA ADVISORY ID: SA43015 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43015/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43015 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43015/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43015/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43015 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for Kerberos in HP-UX. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to conduct spoofing attacks. For more information: SA42396 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: HPSBUX02623 SSRT100355: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02657328 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 12:31:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 21:31:07 +0100 Subject: [SEC] [SA43003] Lunascape Insecure Library Loading Vulnerability Message-ID: <201101212031.p0LKV76s010174@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Lunascape Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA43003 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43003/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43003 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43003/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43003/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43003 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Lunascape, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a HTML file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in versions prior to 6.4.1. SOLUTION: Update to version 6.4.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. Additionally, JVN credits Makoto Shiotsuki. ORIGINAL ADVISORY: http://help.lunascape.tv/LunascapeHelp-en/page.aspx?pageid=ver_6_4_11 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 13:31:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 22:31:19 +0100 Subject: [SEC] [SA43014] HP Business Availability Center Cross-Site Scripting Vulnerability Message-ID: <201101212131.p0LLVJbY000628@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: HP Business Availability Center Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43014 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43014/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43014 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43014/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43014/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43014 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Business Availability Center, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in the following products: * Business Availability Center (BAC) v7.55 and earlier on Windows and Solaris. * Business Availability Center (BAC) v8.05 and earlier on Windows and Solaris. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Daniel Frye. ORIGINAL ADVISORY: HPSBMA02622 SSRT100342: http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02678501 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 14:24:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 23:24:39 +0100 Subject: [SEC] [SA43008] PHP Low Bids "cat" SQL Injection Vulnerability Message-ID: <201101212224.p0LMOdo9023286@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PHP Low Bids "cat" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA43008 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43008/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43008 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43008/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43008/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43008 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in PHP Low Bids, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "cat" parameter to viewfaqs.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: BorN To K!LL - h4ck3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 14:45:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Jan 2011 23:45:47 +0100 Subject: [SEC] [SA43017] Linksys WRT54GC Web Management Interface Buffer Overflow Vulnerability Message-ID: <201101212245.p0LMjl6k012039@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Linksys WRT54GC Web Management Interface Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA43017 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43017/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43017 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43017/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43017/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43017 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Linksys WRT54GC, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due a boundary error when handling HTTP POST requests sent to the web-based management interface. This can be exploited to cause a buffer overflow via an overly long string sent in a POST request. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 1.06.1. SOLUTION: Update to firmware version 1.06.1. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Yuji Ukai, Fourteenforty Research Institute. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/viewAlert.x?alertId=22228 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 15:16:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 00:16:04 +0100 Subject: [SEC] [SA43005] Red Hat update for java-1.5.0-ibm Message-ID: <201101212316.p0LNG4iC001145@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.5.0-ibm SECUNIA ADVISORY ID: SA43005 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43005/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43005 RELEASE DATE: 2011-01-21 DISCUSS ADVISORY: http://secunia.com/advisories/43005/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43005/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43005 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.5.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and compromise a vulnerable system. For more information: SA41882 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0169-1: https://rhn.redhat.com/errata/RHSA-2011-0169.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 15:47:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 00:47:57 +0100 Subject: [SEC] [SA42949] Ubuntu update for sudo Message-ID: <201101212347.p0LNlveV022933@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for sudo SECUNIA ADVISORY ID: SA42949 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42949/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42949 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42949/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42949/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42949 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA42886 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1046-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001232.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 16:13:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 01:13:38 +0100 Subject: [SEC] [SA43010] ScrumWorks Basic Server Credentials Information Disclosure Message-ID: <201101220013.p0M0DcCA011896@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: ScrumWorks Basic Server Credentials Information Disclosure SECUNIA ADVISORY ID: SA43010 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43010/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43010 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/43010/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43010/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43010 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two security issues have been discovered in ScrumWorks Basic, which can be exploited by malicious, local users and by malicious people to disclose sensitive information. 1) The credentials to access the server component are transmitted as Base64-encoded text and can be disclosed by e.g sniffing network traffic. 2) The credentials to access the server component are stored in cleartext in the server/scrumworks/data/hypersonic/scrumworks.log file and can be disclosed by local users. The security issues are confirmed in version 1.8.4. Other versions may also be affected. SOLUTION: Restrict access to the server component to a trusted network environment. Restrict access to the system to trusted users only. PROVIDED AND/OR DISCOVERED BY: US-CERT credits David Elze, Daimler TSS Technical Security. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 16:47:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 01:47:32 +0100 Subject: [SEC] [SA42966] Red Hat update for libuser Message-ID: <201101220047.p0M0lWDS001164@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for libuser SECUNIA ADVISORY ID: SA42966 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42966/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42966 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42966/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42966/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42966 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for libuser. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA42891 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0170-1: https://rhn.redhat.com/errata/RHSA-2011-0170.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 17:15:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 02:15:34 +0100 Subject: [SEC] [SA43007] Phpcms 2008 "modelid" SQL Injection Vulnerability Message-ID: <201101220115.p0M1FYjr022684@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Phpcms 2008 "modelid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA43007 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43007/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43007 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/43007/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43007/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43007 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Phpcms 2008, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "modelid" parameter to e.g. flash_upload.php is not properly sanitised in include/admin/model_field.class.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version SP4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: R3d-D3v!L OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 17:46:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 02:46:01 +0100 Subject: [SEC] [SA42971] Iconfidant SSL Server Key Exchange Buffer Overflow Vulnerability Message-ID: <201101220146.p0M1k19A011865@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Iconfidant SSL Server Key Exchange Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42971 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42971/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42971 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42971/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42971/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42971 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Iconfidant SSL, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the key exchange functionality of the server, which can be exploited to cause a stack-based buffer overflow via a specially crafted client master key packet sent to the server. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 1.3.0. SOLUTION: Update to version 1.3.0 or later. PROVIDED AND/OR DISCOVERED BY: An anonymous person via ZDI. ORIGINAL ADVISORY: ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-021/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 18:10:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 03:10:45 +0100 Subject: [SEC] [SA42960] Debian update for dbus Message-ID: <201101220210.p0M2Aj4w000715@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for dbus SECUNIA ADVISORY ID: SA42960 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42960/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42960 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42960/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42960/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42960 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for dbus. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA42580 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2149-1: http://lists.debian.org/debian-security-announce/2011/msg00013.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 18:45:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 03:45:59 +0100 Subject: [SEC] [SA42992] Oracle Outside In Technology Viewer SDK Denial of Service Vulnerability Message-ID: <201101220245.p0M2jxn5022564@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Outside In Technology Viewer SDK Denial of Service Vulnerability SECUNIA ADVISORY ID: SA42992 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42992/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42992 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42992/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42992/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42992 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Outside In Technology, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error in the "Outside In Viewer SDK" component. The vulnerability is reported in version 8.3.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html#AppendixAS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 19:17:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 04:17:19 +0100 Subject: [SEC] [SA42954] Citrix Provisioning Services Packet Handling Buffer Overflow Vulnerability Message-ID: <201101220317.p0M3HJQA013397@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Citrix Provisioning Services Packet Handling Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42954 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42954/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42954 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42954/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42954/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42954 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Citrix Provisioning Services, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the streamprocess.exe component when handling a 0x40020010 type packet. This can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to e.g. UDP port 6095. Successful exploitation may allow execution of arbitrary code with privileges of the SYSTEM user. The vulnerability is reported in versions 5.6 and prior. SOLUTION: Update to version 5.6 SP1 or apply a hotfix (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: AbdulAziz Hariri, reported via ZDI. ORIGINAL ADVISORY: Citrix: http://support.citrix.com/article/CTX127149 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-023/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 19:45:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 04:45:18 +0100 Subject: [SEC] [SA42981] Oracle PeopleSoft Enterprise CRM Order Capture Vulnerability Message-ID: <201101220345.p0M3jI1c002419@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle PeopleSoft Enterprise CRM Order Capture Vulnerability SECUNIA ADVISORY ID: SA42981 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42981/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42981 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42981/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42981/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42981 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle PeopleSoft Enterprise CRM, which can be exploited by malicious users to disclose sensitive information and manipulate certain data. The vulnerability is caused due to an unspecified error in the "Order Capture" component and can be exploited to gain read, update, insert, or delete access to certain data. The vulnerability is reported in versions 9.0 and 9.1. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 20:09:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 05:09:55 +0100 Subject: [SEC] [SA42991] Sun Java System Portal Server Proxy Privilege Escalation Security Issue Message-ID: <201101220409.p0M49txQ023759@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sun Java System Portal Server Proxy Privilege Escalation Security Issue SECUNIA ADVISORY ID: SA42991 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42991/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42991 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42991/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42991/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42991 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Sun Java System Portal Server, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to an unspecified error in the "Proxy" component and can be exploited to gain read access to certain data. The security issue is reported in versions 7.1 and 7.2. SOLUTION: Apply patch (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 20:23:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 05:23:45 +0100 Subject: [SEC] [SA42979] Oracle GoldenGate Veridata XML SOAP Request Parsing Buffer Overflow Message-ID: <201101220423.p0M4Nj26012186@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle GoldenGate Veridata XML SOAP Request Parsing Buffer Overflow SECUNIA ADVISORY ID: SA42979 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42979/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42979 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42979/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42979/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42979 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle GoldenGate Veridata, which can be exploited by malicious people to potentially compromise a vulnerable system. The vulnerability is caused due to an error in the "Server" component while parsing tags in an XML SOAP request used for authorization. This can be exploited to cause a buffer overflow by passing an overly long string to the management site. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in Oracle GoldenGate Veridata version 3.0.0.4. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Andrea Micalizzi aka rgod via ZDI. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-019/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 20:44:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 05:44:39 +0100 Subject: [SEC] [SA43016] WordPress StatPressCN Plugin Cross-Site Scripting Vulnerabilities Message-ID: <201101220444.p0M4id8U000855@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress StatPressCN Plugin Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA43016 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43016/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43016 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/43016/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43016/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43016 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in StatPressCN plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "what1", "what2", "what3", "what4", and "what5" parameters to wp-admin/admin.php (when "page" is set to "spc-search") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 1.9.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Saif El-Sherei OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 21:10:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 06:10:28 +0100 Subject: [SEC] [SA42934] Pango "pango_ft2_font_render_box_glyph()" Buffer Overflow Vulnerability Message-ID: <201101220510.p0M5ASK9022291@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Pango "pango_ft2_font_render_box_glyph()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA42934 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42934/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42934 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42934/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42934/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42934 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Pango, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. The vulnerability is caused due to a boundary error within the "pango_ft2_font_render_box_glyph()" function in pango/pangoft2-render.c. This can be exploited to cause a heap-based buffer overflow by e.g. tricking an application using the library to use a specially crafted font to render text via Pango's FreeType2 backend. The vulnerability is confirmed in version 1.28.3. Other versions may also be affected. SOLUTION: Do not use the library to render text using untrusted font files. PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: Launchpad Bug #696616: https://bugs.launchpad.net/ubuntu/+source/pango1.0/+bug/696616 GNOME Bug #639882: https://bugzilla.gnome.org/show_bug.cgi?id=639882 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 21:24:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 06:24:06 +0100 Subject: [SEC] [SA42989] Sun Management Center Unspecified Information Disclosure Vulnerability Message-ID: <201101220524.p0M5O6Jb010702@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Sun Management Center Unspecified Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA42989 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42989/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42989 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42989/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42989/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42989 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sun Management Center, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error in the Web Console. No further information is currently available. The vulnerability is reported in version 4.0. SOLUTION: Apply patch (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 21:44:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 06:44:45 +0100 Subject: [SEC] [SA42977] Oracle BI Publisher Two Vulnerabilities Message-ID: <201101220544.p0M5ije2031822@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle BI Publisher Two Vulnerabilities SECUNIA ADVISORY ID: SA42977 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42977/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42977 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42977/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42977/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42977 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Oracle BI Publisher, which can be exploited by malicious users to manipulate certain data. 1) An error in the "Web Server" component can be exploited to gain update, insert, or delete access to certain data. 2) Another error in the "Web Server" component can be exploited to gain update, insert, or delete access to certain data. The vulnerabilities are reported in versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1, and 11.1.1.3. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 21 22:09:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 07:09:52 +0100 Subject: [SEC] [SA42959] N-13 News Cross-Site Request Forgery Vulnerability Message-ID: <201101220609.p0M69qFs020738@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: N-13 News Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA42959 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42959/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42959 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42959/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42959/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42959 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in N-13 News, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add an administrative user by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerability is confirmed in versions 3.7 and 4.0. Other versions may also be affected. SOLUTION: Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: anT!-Tr0J4n Additional information provided by Secunia Research. ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/16013/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 22 10:31:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 19:31:45 +0100 Subject: [SEC] [SA42924] Oracle PeopleSoft Enterprise PeopleTools Multiple Vulnerabilities Message-ID: <201101221831.p0MIVjcd009531@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle PeopleSoft Enterprise PeopleTools Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42924 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42924/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42924 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42924/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42924/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42924 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Oracle PeopleSoft Enterprise PeopleTools, which can be exploited by malicious users to disclose sensitive information and by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) An unspecified error in the "PIA Core Technology" component can be exploited to execute arbitrary code. 2) An unspecified error in the "Security" component can be exploited to hang or crash the service. 3) Another unspecified error in the "PIA Core Technology" component can be exploited to gain update, insert, or delete access to certain data. 4) An unspecified error in the "Portal" component can be exploited by authenticated users gain read access to certain data. The vulnerabilities are reported in versions 8.49, 8.50, and 8.51. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 22 11:30:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 20:30:52 +0100 Subject: [SEC] [SA42975] Oracle WebLogic Server Three Vulnerabilities Message-ID: <201101221930.p0MJUqlc032400@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle WebLogic Server Three Vulnerabilities SECUNIA ADVISORY ID: SA42975 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42975/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42975 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42975/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42975/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42975 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Oracle WebLogic Server, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, and compromise a vulnerable system. 1) An unspecified error in the "Node Manager" component can be exploited to execute arbitrary code. 2) An unspecified error in the "Servlet Container" component can be exploited to gain read, update, insert, or delete access to certain data. 3) Another unspecified error in the "Servlet Container" component can be exploited to gain update, insert, or delete access to certain data. The vulnerabilities are reported in versions 7.0.7, 8.1.6, 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, and 10.3.3. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 22 12:30:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 21:30:52 +0100 Subject: [SEC] [SA42944] AWBS "oid" SQL Injection Vulnerability Message-ID: <201101222030.p0MKUqf5022895@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: AWBS "oid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA42944 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42944/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42944 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42944/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42944/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42944 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in AWBS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "oid" parameter to cart.php (when "ca" is set to "add_other") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 2.9.2. Other versions may also be affected. SOLUTION: Reportedly a patch has been released. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: ShivX OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 22 13:31:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 22:31:43 +0100 Subject: [SEC] [SA42976] Oracle Document Capture Multiple Vulnerabilities Message-ID: <201101222131.p0MLVhFj013427@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Document Capture Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42976 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42976/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42976 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42976/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42976/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42976 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Oracle Document Capture, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) An unspecified error in the "Import Server" component can be exploited to gain write access to arbitrary files and cause a crash. 2) An unspecified error in the "Internal Operations" component can be exploited to execute arbitrary code. 3) Another unspecified error in the "Internal Operations" component can be exploited to gain write access to arbitrary files and cause a DoS. 4) Another unspecified error in the "Import Server" component can be exploited to read arbitrary files. 5) An unspecified error in the "Import Export Utility" component can be exploited to gain write access to arbitrary files. The vulnerabilities are reported in versions 10.1.3.4 and 10.1.3.5. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 22 14:24:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 23:24:42 +0100 Subject: [SEC] [SA42923] Oracle Agile Product Lifecycle Management Two Vulnerabilities Message-ID: <201101222224.p0MMOg6i003588@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Agile Product Lifecycle Management Two Vulnerabilities SECUNIA ADVISORY ID: SA42923 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42923/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42923 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42923/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42923/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42923 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Oracle Agile PLM (Product Lifecycle Management), which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data. 1) An unspecified error in the "Folders, Files & Attachments" component can be exploited to disclose certain information. 2) An unspecified error in the "Web Client" component can be exploited to manipulate certain data. The vulnerabilities are reported in versions 9.3.0.2 and 9.3.1. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 22 14:45:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Jan 2011 23:45:52 +0100 Subject: [SEC] [SA42974] Oracle JRockit Multiple Vulnerabilities Message-ID: <201101222245.p0MMjqXV024755@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle JRockit Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42974 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42974/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42974 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42974/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42974/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42974 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged multiple vulnerabilities in Oracle JRockit, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, and compromise a vulnerable system. For more information: SA41791 The vulnerabilities are reported in versions R27.6.7 and prior (JDK/JRE 1.4.2, 5, 6) and R28.0.1 and prior (JDK/JRE 5, 6). SOLUTION: Apply patches (please see the vendor advisory for details). ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 22 15:18:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Jan 2011 00:18:21 +0100 Subject: [SEC] [SA42920] Oracle HTTP Server Apache Plugin Unspecified Vulnerability Message-ID: <201101222318.p0MNIL3G014029@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle HTTP Server Apache Plugin Unspecified Vulnerability SECUNIA ADVISORY ID: SA42920 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42920/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42920 RELEASE DATE: 2011-01-22 DISCUSS ADVISORY: http://secunia.com/advisories/42920/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42920/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42920 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle HTTP Server, which can be exploited by malicious people to disclose sensitive information and manipulate certain data. The vulnerability is caused due to an unspecified error in the "Apache Plugin" component and can be exploited to gain read, update, insert, or delete access to certain data. The vulnerability is reported in Oracle Fusion Middleware, 11g Release 1 versions 11.1.1.2.0 and 11.1.1.3.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 22 15:48:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Jan 2011 00:48:40 +0100 Subject: [SEC] [SA42994] Oracle Discoverer EUL Code & Schema Unspecified Vulnerability Message-ID: <201101222348.p0MNme6F003258@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle Discoverer EUL Code & Schema Unspecified Vulnerability SECUNIA ADVISORY ID: SA42994 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42994/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42994 RELEASE DATE: 2011-01-23 DISCUSS ADVISORY: http://secunia.com/advisories/42994/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42994/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42994 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Discoverer, which can be exploited by malicious users to disclose sensitive information and manipulate certain data. The vulnerability is caused due to an unspecified error in the "EUL Code & Schema" component and can be exploited to gain read, update, insert, or delete access to certain data. The vulnerability is reported in the following products: * Oracle Fusion Middleware, 11g Release 1 versions 11.1.1.2.0 and 11.1.1.3.0. * Oracle Application Server 10g Release 2 version 10.1.2.3.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for January 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 10:30:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Jan 2011 19:30:41 +0100 Subject: [SEC] [SA43019] Ubuntu update for tomcat6 Message-ID: <201101241830.p0OIUfDG008631@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for tomcat6 SECUNIA ADVISORY ID: SA43019 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43019/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43019 RELEASE DATE: 2011-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/43019/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43019/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43019 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for tomcat6. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA42337 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1048-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001234.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 11:31:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Jan 2011 20:31:34 +0100 Subject: [SEC] [SA43032] PHP Link Directory Cross-Site Request Forgery Vulnerability Message-ID: <201101241931.p0OJVY7s031552@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PHP Link Directory Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA43032 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43032/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43032 RELEASE DATE: 2011-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/43032/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43032/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43032 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in PHP Link Directory, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. add an administrative user by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerability is reported in version 4.1.0. Other versions may also be affected. SOLUTION: Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: AtT4CKxT3rR0r1ST OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 12:32:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Jan 2011 21:32:22 +0100 Subject: [SEC] [SA43025] Gentoo update for acroread Message-ID: <201101242032.p0OKWMxX022074@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for acroread SECUNIA ADVISORY ID: SA43025 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43025/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43025 RELEASE DATE: 2011-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/43025/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43025/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43025 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for acroread. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system. For more information: SA41340 SA41435 SA42030 SA42095 SOLUTION: Update to version "app-text/acroread-9.4.1" or later. ORIGINAL ADVISORY: GLSA 201101-08: http://www.gentoo.org/security/en/glsa/glsa-201101-08.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 13:30:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Jan 2011 22:30:47 +0100 Subject: [SEC] [SA43027] MaraDNS "compress_add_dlabel_points()" Buffer Overflow Vulnerability Message-ID: <201101242130.p0OLUlei012487@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: MaraDNS "compress_add_dlabel_points()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA43027 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43027/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43027 RELEASE DATE: 2011-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/43027/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43027/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43027 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MaraDNS, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an error within the "compress_add_dlabel_points()" function in dns/Compress.c, which can be exploited to cause a heap-based buffer overflow by sending a specially crafted request. The vulnerability is confirmed in version 1.4.05. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Reported in a Debian bug by Witold Baryluk. ORIGINAL ADVISORY: Debian Bug #610834: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610834 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 14:25:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Jan 2011 23:25:16 +0100 Subject: [SEC] [SA43034] PHP Coupon Script "bus" SQL Injection Vulnerability Message-ID: <201101242225.p0OMPGdM002683@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PHP Coupon Script "bus" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA43034 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43034/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43034 RELEASE DATE: 2011-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/43034/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43034/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43034 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in PHP Coupon Script, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "bus" parameter to index.php (when "page" is set to "viewbus") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 6.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: BorN To K!LL OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 14:46:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Jan 2011 23:46:14 +0100 Subject: [SEC] [SA43051] Fedora update for php Message-ID: <201101242246.p0OMkEW0023852@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for php SECUNIA ADVISORY ID: SA43051 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43051/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43051 RELEASE DATE: 2011-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/43051/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43051/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43051 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for php. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to an error in strtod.c when converting values from a string type to double and can be exploited to cause an infinite loop. SOLUTION: Apply updated packages using the yum utility ("yum update php php-eaccelerator maniadrive maniadrive-data"). ORIGINAL ADVISORY: FEDORA-2011-0321: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053356.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053358.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053357.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053355.html FEDORA-2011-0329: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053330.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053332.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053331.html http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053333.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 15:20:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 00:20:24 +0100 Subject: [SEC] [SA43047] Fedora update for libuser Message-ID: <201101242320.p0ONKOpN013177@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for libuser SECUNIA ADVISORY ID: SA43047 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43047/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43047 RELEASE DATE: 2011-01-24 DISCUSS ADVISORY: http://secunia.com/advisories/43047/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43047/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43047 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libuser. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA42891 SOLUTION: Apply updated packages using the yum utility ("yum update libuser"). ORIGINAL ADVISORY: FEDORA-2011-0316: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053365.html FEDORA-2011-0320: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053378.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 15:48:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 00:48:36 +0100 Subject: [SEC] [SA43054] Fedora update for dpkg Message-ID: <201101242348.p0ONmaVr002270@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for dpkg SECUNIA ADVISORY ID: SA43054 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43054/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43054 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43054/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43054/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43054 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for dpkg. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data or compromise a vulnerable system. For more information: SA42826 SOLUTION: Apply updated packages via the yum utility ("yum update dpkg"). ORIGINAL ADVISORY: FEDORA-2011-0345: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053311.html FEDORA-2011-0362: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053306.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 16:13:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 01:13:59 +0100 Subject: [SEC] [SA42951] SRWare Iron Multiple Vulnerabilities Message-ID: <201101250013.p0P0DxZw023656@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SRWare Iron Multiple Vulnerabilities SECUNIA ADVISORY ID: SA42951 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42951/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42951 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/42951/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42951/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42951 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in SRWare Iron, where some have an unknown impact and others can be exploited by malicious people to manipulate certain data and potentially compromise a user's system. For more information: SA42850 SOLUTION: Update to version 8.0.555.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.srware.net/forum/viewtopic.php?f=18&t=2054 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 16:48:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 01:48:17 +0100 Subject: [SEC] [SA43042] yubikey-personalization AES Key Generation Weakness Message-ID: <201101250048.p0P0mHUQ012975@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: yubikey-personalization AES Key Generation Weakness SECUNIA ADVISORY ID: SA43042 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43042/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43042 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43042/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43042/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43042 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in yubikey-personalization, which can be exploited by malicious people to bypass certain security features. The weakness is caused due to yubikey-personalization not properly using salts when generating the AES keys, which can result in a weaker security than expected. The weakness is reported in versions prior to 1.3.4. SOLUTION: Update to version 1.3.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits Ben. ORIGINAL ADVISORY: http://code.google.com/p/yubikey-personalization/source/detail?r=259 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 17:16:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 02:16:03 +0100 Subject: [SEC] [SA42940] DATEV Grundpaket Basis Insecure Library Loading Vulnerability Message-ID: <201101250116.p0P1G3D0001957@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: DATEV Grundpaket Basis Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA42940 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42940/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42940 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/42940/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42940/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42940 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in DATEV Grundpaket Basis, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application (DMTGUI2.EXE and DvInesLogFileViewer.Exe) loading libraries (e.g. DVBSKNLANG101.dll and DvZediTermSrvInfo004.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening certain files (e.g .dmt, .adl, or .c02) located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version CD23.20. Other versions may also be affected. SOLUTION: Apply updates. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: Nikolas Sotiriu ORIGINAL ADVISORY: http://sotiriu.de/adv/NSOADV-2010-010.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 17:45:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 02:45:58 +0100 Subject: [SEC] [SA43053] SSSD "pam_parse_in_data_v2()" Denial of Service Vulnerability Message-ID: <201101250145.p0P1jwHC023555@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SSSD "pam_parse_in_data_v2()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA43053 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43053/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43053 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43053/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43053/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43053 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SSSD, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "pam_parse_in_data_v2()" function in src/responder/pam/pamsrv_cmd.c and can be exploited to trigger an endless loop and e.g. cause a crash by sending specially crafted packages to SSSD. The vulnerability is reported in version 1.5.0. Other versions may also be affected. SOLUTION: Fixed in the Trac repository. PROVIDED AND/OR DISCOVERED BY: Sebastian Krahmer ORIGINAL ADVISORY: Red Hat Bug #661163: https://bugzilla.redhat.com/show_bug.cgi?id=661163 https://fedorahosted.org/sssd/changeset/f15683b4b100351e24e305d25bd4785c79ac8f55 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 18:10:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 03:10:37 +0100 Subject: [SEC] [SA43026] Gentoo update for adobe-flash Message-ID: <201101250210.p0P2Abnx012450@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gentoo update for adobe-flash SECUNIA ADVISORY ID: SA43026 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43026 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43026/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43026/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43026 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for adobe-flash. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct click-jacking and cross-site scripting attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user's system. For more information: SA38547 SA40026 SA40907 SA41434 SA41917 SOLUTION: Update to version "www-plugins/adobe-flash-10.1.102.64" or later. ORIGINAL ADVISORY: GLSA 201101-09: http://www.gentoo.org/security/en/glsa/glsa-201101-09.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 18:25:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 03:25:08 +0100 Subject: [SEC] [SA43035] InetServer SMTP / POP3 Service Format String Vulnerabilities Message-ID: <201101250225.p0P2P8W7000813@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: InetServer SMTP / POP3 Service Format String Vulnerabilities SECUNIA ADVISORY ID: SA43035 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43035/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43035 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43035/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43035/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43035 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in InetServer, which can be exploited by malicious users and malicious people to compromise a vulnerable system. 1) A format string error when processing SMTP commands can be exploited to corrupt memory via a specially crafted string sent to the SMTP service. Successful exploitation of this vulnerability allows execution of arbitrary code. 2) A format string error when processing POP3 commands can be exploited to corrupt memory via a specially crafted string passed to e.g. the RETR command. Successful exploitation of this vulnerability allows execution of arbitrary code, but requires valid user credentials. The vulnerabilities are confirmed in version 3.2.3. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: 1) G13 2) dmnt Additional details provided by Secunia Research. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 18:45:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 03:45:52 +0100 Subject: [SEC] [SA43036] CultBooking Multiple Vulnerabilities Message-ID: <201101250245.p0P2jqNq021991@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: CultBooking Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43036 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43036/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43036 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43036/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43036/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43036 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in CultBooking, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. 1) Input passed via the "lang" parameter and via the "bookingcode" and "email" POST parameters to cultbooking.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "lang" parameter to cultbooking.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or remote resources. The vulnerabilities are confirmed in version 2.0.4 Open Source. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified and sanitised. PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Labs. ORIGINAL ADVISORY: ZSL-2011-4987: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4987.php ZSL-2011-4988: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-4988.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 19:21:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 04:21:19 +0100 Subject: [SEC] [SA43028] Gallery Arbitrary File Upload Vulnerability Message-ID: <201101250321.p0P3LJVY011865@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Gallery Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA43028 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43028/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43028 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43028/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43028/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43028 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Gallery, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to the application incorrectly validating the extension of an uploaded file. This can be exploited to e.g. upload and execute arbitrary PHP files. Successful exploitation requires upload privileges. The vulnerability is reported in versions prior to 3.0.1. SOLUTION: Update to version 3.0.1 or apply vendor supplied patches. PROVIDED AND/OR DISCOVERED BY: The vendor credits Kriss Andsten. ORIGINAL ADVISORY: Gallery: http://gallery.menalto.com/gallery_3.0.1_released OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 19:45:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 04:45:58 +0100 Subject: [SEC] [SA43050] Fedora update for wordpress-mu Message-ID: <201101250345.p0P3jwk4000696@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for wordpress-mu SECUNIA ADVISORY ID: SA43050 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43050/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43050 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43050/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43050/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43050 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wordpress-mu. This fixes some vulnerabilities, which can be exploited by malicious users to conduct script insertion and SQL injection attacks. For more information: SA42431 SA42755 SOLUTION: Apply updated packages via the yum utility ("yum update wordpress-mu"). ORIGINAL ADVISORY: FEDORA-2011-0352: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053349.html FEDORA-2011-0335: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053367.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 24 20:10:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 05:10:46 +0100 Subject: [SEC] [SA43055] Fedora update for sssd Message-ID: <201101250410.p0P4AkAU022051@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for sssd SECUNIA ADVISORY ID: SA43055 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43055/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43055 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43055/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43055/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43055 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for sssd. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA43053 SOLUTION: Apply updated packages using the yum utility ("yum update sssd"). ORIGINAL ADVISORY: FEDORA-2011-0364: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053337.html FEDORA-2011-0337: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053319.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 10:30:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 19:30:53 +0100 Subject: [SEC] [SA43009] Linux Kernel "dvb_ca_ioctl()" Memory Corruption Vulnerability Message-ID: <201101251830.p0PIUrml016167@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Linux Kernel "dvb_ca_ioctl()" Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA43009 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43009/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43009 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43009/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43009/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43009 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to an error within the "dvb_ca_ioctl()" function in drivers/media/dvb/ttpci/av7110_ca.c, which can be exploited to cause a kernel memory corruption by sending a specially crafted IOCTL. SOLUTION: Fixed in version 2.6.38-rc2. PROVIDED AND/OR DISCOVERED BY: Disclosed in a GIT commit. ORIGINAL ADVISORY: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=cb26a24ee9706473f31d34cc259f4dcf45cd0644 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 11:30:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 20:30:57 +0100 Subject: [SEC] [SA43056] SUSE update for kernel Message-ID: <201101251930.p0PJUvgT006646@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA43056 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43056/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43056 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43056/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43056/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43056 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA42035 SA42372 1) An error withing the Econet protocol implementation can be exploited to cause a stack overflow by sending specially crafted network traffic. 2) An error within the "econet_sendmsg()" function in net/econet/af_econet.c when handling remote addresses can be exploited to cause a crash. 3) An error within the "ec_dev_ioctl()" function in net/econet/af_econet.c incorrectly enforces access restriction, which can be exploited to assign an Econet address to arbitrary interfaces. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SUSE-SA:2011:005: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00007.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 12:31:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 21:31:25 +0100 Subject: [SEC] [SA43082] syslog-ng Multiple Vulnerabilities Message-ID: <201101252031.p0PKVP2c029563@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: syslog-ng Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43082 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43082/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43082 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43082/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43082/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43082 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: BalaBit has acknowledged multiple vulnerabilities in syslog-ng, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA34411 SA37291 SA38807 SA40000 SA42243 The vulnerabilities are reported in versions prior to 3.0.6a and prior to 3.2.1a. SOLUTION: Update to version 3.0.6a and 3.2.1a. ORIGINAL ADVISORY: https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 13:32:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 22:32:24 +0100 Subject: [SEC] [SA43066] WordPress Recip.ly Plugin Arbitrary File Upload Vulnerability Message-ID: <201101252132.p0PLWOed020081@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress Recip.ly Plugin Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA43066 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43066/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43066 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43066/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43066/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43066 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the WordPress Recip.ly Plugin, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to wp-content/plugins/reciply/uploadImage.php not properly validating uploaded file types, which can be exploited to e.g. execute arbitrary PHP code through an uploaded PHP file. The vulnerability is confirmed in version 1.1.7. Other versions may also be affected. SOLUTION: Edit the source code to prevent arbitrary file upload. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisories/WordPress.Recip.ly.Plugin.1.1.7_Arbitrary.Upload_92.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 14:25:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 23:25:29 +0100 Subject: [SEC] [SA43068] SUSE update for Multiple Packages Message-ID: <201101252225.p0PMPTb2010250@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for Multiple Packages SECUNIA ADVISORY ID: SA43068 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43068/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43068 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43068/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43068/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43068 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for multiple packages, which fixes multiple vulnerabilities. For more information: SA32349 SA33495 SA35095 SA35379 SA35411 SA35449 SA35758 SA36269 SA36677 SA37273 SA37346 SA37769 SA38061 SA38545 SA38932 SA39029 SA39091 SA39384 SA39661 SA39937 SA40002 SA40072 SA40105 SA40112 SA40148 SA40196 SA40257 SA40664 SA40783 SA41014 SA41085 SA41242 SA41328 SA41390 SA41443 SA41535 SA41841 SA41888 SA41968 SA42151 SA42264 SA42290 SA42312 SA42443 SA42461 SA42658 SA42769 SA42886 SA42956 SA43053 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SR:2011:002: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00006.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 14:46:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Jan 2011 23:46:44 +0100 Subject: [SEC] [SA43062] WordPress Conduit Banner Plugin "banner-index-field-id" Cross-Site Scripting Vulnerability Message-ID: <201101252246.p0PMki3o031386@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress Conduit Banner Plugin "banner-index-field-id" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43062 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43062/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43062 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43062/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43062/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43062 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in the Conduit Banner plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "banner-index-field-id" parameter to wp-content/plugins/conduit-banner-selector/conduit-banner-selector-banners.php (when "category-id" is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 0.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisories/WordPress.Conduit.Banner.Plugin.0.2_Reflected.Cross-site.Scripting_90.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 15:19:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 00:19:08 +0100 Subject: [SEC] [SA43075] WordPress Uploader Plugin Two Vulnerabilities Message-ID: <201101252319.p0PNJ8aO020638@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress Uploader Plugin Two Vulnerabilities SECUNIA ADVISORY ID: SA43075 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43075/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43075 RELEASE DATE: 2011-01-25 DISCUSS ADVISORY: http://secunia.com/advisories/43075/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43075/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43075 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in the Uploader plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. 1) Input passed via the "num" parameter to wp-content/plugins/uploader/views/notify.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The wp-content/plugins/uploader/uploadify/uploadify.php script allows the upload of files with arbitrary extensions to a folder inside the webroot. This can be exploited to upload arbitrary files inside the webroot and e.g. execute arbitrary PHP code. The vulnerabilities are confirmed in version 1.0.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Restrict access to wp-content/plugins/uploader/uploadify/uploadify.php (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisories/WordPress.Uploader.1.0.0_Reflected.Cross-site.Scripting_77.html http://www.autosectools.com/Advisories/WordPress.Uploader.1.0.0_Arbitrary.Upload_78.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 15:48:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 00:48:32 +0100 Subject: [SEC] [SA43069] WordPress x7Host's Videox7 UGC Plugin "listid" Cross-Site Scripting Vulnerability Message-ID: <201101252348.p0PNmWTo009833@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress x7Host's Videox7 UGC Plugin "listid" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43069 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43069/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43069 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43069/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43069/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43069 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in WordPress x7Host's Videox7 UGC Plugin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "listid" parameter in wordpress/wp-content/plugins/x7host-videox7-ugc-plugin/x7listplayer.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.5.3.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisories/WordPress.x7Host%27s.Videox7.UGC.Plugin.2.5.3.2_Reflected.Cross-site.Scripting_87.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 16:14:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 01:14:56 +0100 Subject: [SEC] [SA43029] Modbus/TCP Master OPC Server Packet Processing Buffer Overflow Vulnerability Message-ID: <201101260014.p0Q0EunB031209@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Modbus/TCP Master OPC Server Packet Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA43029 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43029/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43029 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43029/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43029/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43029 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Modbus/TCP Master OPC Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to a boundary error when processing MODBUS protocol response packets. This can be exploited to cause a heap-based buffer overflow via a specially crafted packet. Successful exploitation may allow execution of arbitrary code, but requires the server to open a communication channel to an attacker controlled IP address. The vulnerability is reported in versions prior to 3.0.2. SOLUTION: Update to version 3.0.2. PROVIDED AND/OR DISCOVERED BY: Jeremy Brown ORIGINAL ADVISORY: Automated Solutions: http://automatedsolutions.com/pub/asmbtcpopc/readme.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 16:50:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 01:50:48 +0100 Subject: [SEC] [SA43067] WordPress WP Publication Archive Plugin "file" Information Disclosure Vulnerability Message-ID: <201101260050.p0Q0omfU020616@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress WP Publication Archive Plugin "file" Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA43067 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43067/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43067 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43067/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43067/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43067 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the WP Publication Archive plugin for WordPress, which can be exploited by malicious people to disclose sensitive information. Input passed via the "file" parameter to wp-content/plugins/wp-publication-archive/includes/openfile.php is not properly verified before being used. This can be exploited to download arbitrary files. The vulnerability is confirmed in version 2.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisories/WordPress.WP.Publication.Archive.2.0.1_Local.File.Inclusion_91.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 17:14:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 02:14:58 +0100 Subject: [SEC] [SA43081] IBM WebSphere Portal / Lotus Web Content Management Unspecified Information Disclosure Message-ID: <201101260114.p0Q1EwlP009493@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Portal / Lotus Web Content Management Unspecified Information Disclosure SECUNIA ADVISORY ID: SA43081 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43081/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43081 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43081/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43081/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43081 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere Portal and Lotus Web Content Management, which can be exploited by malicious users to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error and can be exploited to disclose certain information via a specially crafted message. No further information is currently available. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PM22167, PM26397, PM25191): http://www.ibm.com/support/docview.wss?uid=swg21460422 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 17:45:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 02:45:34 +0100 Subject: [SEC] [SA43024] Progress OpenEdge Authentication Security Bypass Vulnerability Message-ID: <201101260145.p0Q1jYWr031040@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Progress OpenEdge Authentication Security Bypass Vulnerability SECUNIA ADVISORY ID: SA43024 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43024/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43024 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43024/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43024/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43024 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Progress OpenEdge, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the authentication mechanism when validating credentials on the client side and can be exploited to login to the RDBMS using any valid UserID. NOTE: Additionally, a weakness exists in the authentication process when checking for a UserID and can be exploited to enumerate valid UserIDs. The vulnerability is reported in version 10.2A. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only (e.g via network access control lists). PROVIDED AND/OR DISCOVERED BY: Alexander Polyakov, Alexey Sintsov, and Alexey Troshichev. ORIGINAL ADVISORY: http://dsecrg.com/pages/vul/show.php?id=308 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 18:11:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 03:11:39 +0100 Subject: [SEC] [SA43060] SAP Crystal Reports Server Multiple Vulnerabilities Message-ID: <201101260211.p0Q2BdqD020004@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SAP Crystal Reports Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43060 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43060/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43060 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43060/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43060/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43060 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Dmitry Chastuhin has reported multiple vulnerabilities in SAP Crystal Reports Server 2008, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks, manipulate certain data, and compromise a user's system. 1) Input passed to the "actId" parameter in InfoViewApp/jsp/common/actionNav.jsp, "backUrl" parameter in InfoViewApp/jsp/common/error.jsp, and "logonAction" parameter in InfoViewApp/logon.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An insecure "CreateTextFile()" method in an ActiveX control (scriptinghelpers.dll) can be exploited to overwrite existing files. 3) An insecure "LaunchProgram()" method in an ActiveX control (scriptinghelpers.dll) can be exploited to execute an arbitrary program. 4) An insecure "DeleteFile()" method in an ActiveX control (scriptinghelpers.dll) can be exploited to delete an arbitrary file. 5) An insecure "Kill()" method in an ActiveX control (scriptinghelpers.dll) can be exploited to terminate a running process. Successful exploitation of this vulnerability requires knowing a valid process id. 6) Input passed to the "path" parameter in PerformanceManagement/jsp/qa.jsp (when "func" is set to "browse" and "root" is set to "wi") is not properly verified before being used to read files. This can be exploited to display arbitrary files from local resources via directory traversal attacks. Successful exploitation of this vulnerability requires valid credentials. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Dmitry Chastuhin, Digital Security Research Group (DSecRG). ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1458310 https://service.sap.com/sap/support/notes/1458309 https://service.sap.com/sap/support/notes/1476930 DSecRG: http://dsecrg.com/pages/vul/show.php?id=301 http://dsecrg.com/pages/vul/show.php?id=302 http://dsecrg.com/pages/vul/show.php?id=303 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 18:46:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 03:46:32 +0100 Subject: [SEC] [SA43033] Bugzilla Multiple Vulnerabilities Message-ID: <201101260246.p0Q2kWUP009349@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Bugzilla Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43033 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43033/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43033 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43033/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43033/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43033 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Bugzilla, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct HTTP response splitting attacks, cross-site request forgery attacks, and bypass certain security restrictions. 1) An unspecified error related to insufficiently random numbers can be exploited to gain access to a user's account. 2) Certain input is not properly sanitised before being returned to the user. This can be exploited to insert arbitrary HTTP headers, which will be included in a response sent to the user. 3) Certain input passed to the URL field is not properly sanitised before being used. This can be exploited to insert HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed. 4) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited when a logged-in user visits a specially crafted web page. SOLUTION: Update to version 3.2.10, 3.4.10, or 3.6.4. PROVIDED AND/OR DISCOVERED BY: 1) Willem Pinckaers, Pine Digital Security 2) Michal Zalewski, Fr?d?ric Buclin, and Max Kanat-Alexander 4) Jos? A. V?zquez and Reed Loden The vendor also credits: * Anonymous ("mozilla11") * Michael Brooks (Sitewatch) * David Lawrence * Mark Stosberg * Byron Jones * Guy Pyrzak ORIGINAL ADVISORY: Bugzilla: http://www.bugzilla.org/security/3.2.9/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 19:23:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 04:23:43 +0100 Subject: [SEC] [SA43063] WordPress FCChat Widget Plugin "path" Cross-Site Scripting Vulnerability Message-ID: <201101260323.p0Q3Nh2A031694@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress FCChat Widget Plugin "path" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43063 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43063/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43063 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43063/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43063/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43063 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in the FCChat Widget plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "path" parameter to wp-content/plugins/fcchat/js/import.config.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.1.7. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisories/WordPress.FCChat.Widget.2.1.7_Reflected.Cross-site.Scripting_83.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 19:46:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 04:46:12 +0100 Subject: [SEC] [SA43044] Look 'n' Stop Firewall IOCTL Handling Denial of Service Vulnerability Message-ID: <201101260346.p0Q3kCbp020493@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Look 'n' Stop Firewall IOCTL Handling Denial of Service Vulnerability SECUNIA ADVISORY ID: SA43044 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43044/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43044 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43044/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43044/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43044 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Look 'n' Stop Firewall, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "lnsfw1.sys" driver when handling the 80000064h IOCTL. This can be exploited to cause an assertion error and crash the kernel via a specially crafted input buffer passed to the IOCTL. The vulnerability is confirmed in version 2.07. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Heurs OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 20:12:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 05:12:03 +0100 Subject: [SEC] [SA43071] WordPress RSS Feed Reader for WordPress Plugin "rss_url" Cross-Site Scripting Vulnerability Message-ID: <201101260412.p0Q4C3wZ009441@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress RSS Feed Reader for WordPress Plugin "rss_url" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43071 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43071/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43071 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43071/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43071/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43071 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in RSS Feed Reader for WordPress plugin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "rss_url" parameter to wp-content/plugins/rss-feed-reader/magpie/scripts/magpie_slashbox.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisories/WordPress.RSS.Feed.Reader.for.WordPress.0.1_Reflected.Cross-site.Scripting_82.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 20:46:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 05:46:36 +0100 Subject: [SEC] [SA43073] WordPress BezahlCode-Generator Plugin "gen_name" Cross-Site Scripting Vulnerability Message-ID: <201101260446.p0Q4kaN3031188@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress BezahlCode-Generator Plugin "gen_name" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43073 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43073/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43073 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43073/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43073/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43073 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the BezahlCode-Generator plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "gen_name" parameter to wp-content/plugins/bezahlcode-generator/der_generator.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisories/WordPress.BezahlCode-Generator.1.0_Reflected.Cross-site.Scripting_80.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 21:11:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 06:11:04 +0100 Subject: [SEC] [SA43070] WordPress Audio Plugin "showfile" Cross-Site Scripting Vulnerability Message-ID: <201101260511.p0Q5B4v1020063@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress Audio Plugin "showfile" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43070 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43070/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43070 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43070/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43070/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43070 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Audio plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "showfile" parameter to wp-content/plugins/audio/getid3/demos/demo.browse.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 0.5.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisories/WordPress.Audio.0.5.1_Reflected.Cross-site.Scripting_84.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 21:45:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 06:45:08 +0100 Subject: [SEC] [SA43039] Joomla! Mosets Tree Component Unspecified Vulnerability Message-ID: <201101260545.p0Q5j8vs009383@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Joomla! Mosets Tree Component Unspecified Vulnerability SECUNIA ADVISORY ID: SA43039 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43039/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43039 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43039/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43039/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43039 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with unknown impact has been reported in Mosets Tree component for Joomla!. Certain unspecified input is not properly sanitised before being used in the "Advanced Search" functionality. No further information is currently available. The vulnerability is reported in versions prior to 2.1.9. SOLUTION: Update to version 2.1.9. PROVIDED AND/OR DISCOVERED BY: The vendor credits Beat. ORIGINAL ADVISORY: Mosets Tree: http://forum.mosets.com/showthread.php?t=17297 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jan 25 22:10:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 07:10:31 +0100 Subject: [SEC] [SA43057] RSA Data Protection Manager C Client SQL Injection Vulnerability Message-ID: <201101260610.p0Q6AV7A030705@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: RSA Data Protection Manager C Client SQL Injection Vulnerability SECUNIA ADVISORY ID: SA43057 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43057/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43057 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43057/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43057/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43057 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RSA Data Protection Manager, which can be exploited by malicious users to conduct SQL injection attacks. Certain Input is not properly sanitised before being used in a SQL query. This can be exploited to insert an arbitrary encryption key and modify the client cache by manipulating SQL queries and injecting arbitrary SQL code. The vulnerability is reported in versions 1.5.x.x. SOLUTION: Apply patch (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://seclists.org/bugtraq/2011/Jan/att-138/ESA-2011-001.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 10:31:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 19:31:06 +0100 Subject: [SEC] [SA43080] TYPO3 Media [DAM] Extension Cross-Site Scripting Vulnerability Message-ID: <201101261831.p0QIV6LM019394@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: TYPO3 Media [DAM] Extension Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43080 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43080/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43080 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43080/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43080/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43080 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Media [DAM] extension for TYPO3, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user when performing file rename operations. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 1.1.8. SOLUTION: Update to version 1.1.8. PROVIDED AND/OR DISCOVERED BY: The vendor credits Christian M?ller ORIGINAL ADVISORY: TYPO3-SA-2011-001: http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-001/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 11:31:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 20:31:40 +0100 Subject: [SEC] [SA43095] SumatraPDF "closedctd()" Memory Corruption Vulnerability Message-ID: <201101261931.p0QJVe5O009889@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SumatraPDF "closedctd()" Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA43095 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43095/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43095 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43095/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43095/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43095 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SumatraPDF, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the use of vulnerable MuPDF code. For more information: SA43020 SOLUTION: Fixed in the latest prerelease version. PROVIDED AND/OR DISCOVERED BY: shinnai ORIGINAL ADVISORY: http://code.google.com/p/sumatrapdf/issues/detail?id=1180 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 12:32:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 21:32:05 +0100 Subject: [SEC] [SA43091] SUSE update for java-1_6_0-ibm Message-ID: <201101262032.p0QKW5bS000304@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: SUSE update for java-1_6_0-ibm SECUNIA ADVISORY ID: SA43091 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43091/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43091 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43091/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43091/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43091 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_6_0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, and compromise a vulnerable system. For more information: SA41791 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SA:2011:006: http://lists.opensuse.org/opensuse-security-announce/2011-01/msg00008.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 13:31:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 22:31:43 +0100 Subject: [SEC] [SA43020] MuPDF "closedctd()" Memory Corruption Vulnerability Message-ID: <201101262131.p0QLVhxw023207@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: MuPDF "closedctd()" Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA43020 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43020/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43020 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43020/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43020/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43020 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in MuPDF, which potentially can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the "closedctd()" function in fitz/filt_dctd.c when processing PDF files containing certain malformed JPEG images. This can be exploited to cause a stack corruption by e.g. tricking a user into opening a specially crafted PDF file. The vulnerability is confirmed in version 0.7. Other versions may also be affected. SOLUTION: Fixed in the darcs repository. PROVIDED AND/OR DISCOVERED BY: Originally reported in SumatraPDF by shinnai. ORIGINAL ADVISORY: http://code.google.com/p/sumatrapdf/issues/detail?id=1180&can=1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 14:25:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 23:25:10 +0100 Subject: [SEC] [SA43086] Red Hat update for webkitgtk Message-ID: <201101262225.p0QMPABw013370@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for webkitgtk SECUNIA ADVISORY ID: SA43086 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43086/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43086 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43086/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43086/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43086 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for webkitgtk. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain access restrictions, conduct spoofing attacks, cause a DoS (Denial of Service), potentially disclose sensitive information, and potentially compromise a user's system. For more information: SA40664 SA41014 SA41085 SA41242 SA42109 SA42264 SA42605 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0177-1: https://rhn.redhat.com/errata/RHSA-2011-0177.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 14:45:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Jan 2011 23:45:46 +0100 Subject: [SEC] [SA43094] Novell ZENworks Handheld Management ZfHIPCnd.exe Buffer Overflow Vulnerability Message-ID: <201101262245.p0QMjksG001998@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Novell ZENworks Handheld Management ZfHIPCnd.exe Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA43094 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43094/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43094 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43094/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43094/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43094 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell ZENworks Handheld Management, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the ZfHIPCnd.exe Access Point process and can be exploited to cause a buffer overflow via a specially request sent to TCP port 2400. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply Interim Release 4 Hot Patch 6. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: AbdulAziz Hariri via ZDI. The vendor also credits Junaid Bohio, TELUS Security Labs. ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=7007663 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-026/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 15:17:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 00:17:02 +0100 Subject: [SEC] [SA43089] Novell GroupWise Internet Agent TZID Variable Parsing Vulnerability Message-ID: <201101262317.p0QNH20r023723@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Novell GroupWise Internet Agent TZID Variable Parsing Vulnerability SECUNIA ADVISORY ID: SA43089 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43089/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43089 RELEASE DATE: 2011-01-26 DISCUSS ADVISORY: http://secunia.com/advisories/43089/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43089/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43089 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell GroupWise, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the Internet Agent component when parsing the TZID variable within a received VCALENDAR message. Successful exploitation may allow execution of arbitrary code. SOLUTION: Update to version 8.02 Hot Patch 2 or later. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person via ZDI. ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=7007638 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 15:48:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 00:48:49 +0100 Subject: [SEC] [SA43038] Joomla! B2 Portfolio Component "c" SQL Injection Vulnerability Message-ID: <201101262348.p0QNmnod012902@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Joomla! B2 Portfolio Component "c" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA43038 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43038/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43038 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43038/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43038/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43038 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Salvatore Fresta has discovered a vulnerability in the B2 Portfolio component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "c" parameter to index.php (when "option" is set to "com_b2portfolio") is not properly sanitised in components/com_b2portfolio/models/b2portfolio.php before being used in being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Salvatore Fresta aka Drosophila ORIGINAL ADVISORY: http://adv.salvatorefresta.net/B2_Portfolio_Joomla_Component_1.0.0_Multiple_SQL_Injection_Vulnerability-24012011.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 16:14:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 01:14:07 +0100 Subject: [SEC] [SA43077] Ruby Mail Gem Email Address Shell Command Injection Vulnerability Message-ID: <201101270014.p0R0E7GK001774@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ruby Mail Gem Email Address Shell Command Injection Vulnerability SECUNIA ADVISORY ID: SA43077 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43077/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43077 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43077/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43077/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43077 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Mail gem for Ruby, which can be exploited by malicious people to compromise a vulnerable system. Input passed via an email from address is not properly sanitised in the "deliver()" function (lib/mail/network/delivery_methods/sendmail.rb) before being used as a command line argument. This can be exploited to inject arbitrary shell commands. Successful exploitation requires the gem to use sendmail for mail delivery. The vulnerability is reported versions prior to 2.2.15. SOLUTION: Update to version 2.2.15. PROVIDED AND/OR DISCOVERED BY: The vendor credits Andy Lindeman and Steven Lorek. ORIGINAL ADVISORY: http://groups.google.com/group/mail-ruby/browse_thread/thread/e93bbd05706478dd?pli=1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 16:47:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 01:47:32 +0100 Subject: [SEC] [SA43087] JBoss Web Framework Kit Spring Framework Code Execution Vulnerability Message-ID: <201101270047.p0R0lWaW023480@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: JBoss Web Framework Kit Spring Framework Code Execution Vulnerability SECUNIA ADVISORY ID: SA43087 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43087/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43087 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43087/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43087/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43087 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has acknowledged a vulnerability in JBoss Web Framework Kit, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA40260 The vulnerability is reported in versions prior to 1.1.0. SOLUTION: Update to version 1.1.0. ORIGINAL ADVISORY: https://www.redhat.com/security/data/cve/CVE-2010-1622.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 17:15:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 02:15:23 +0100 Subject: [SEC] [SA43052] Cisco Content Services Gateway Security Bypass and Denial of Service Message-ID: <201101270115.p0R1FNit012502@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Cisco Content Services Gateway Security Bypass and Denial of Service SECUNIA ADVISORY ID: SA43052 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43052/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43052 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43052/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43052/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43052 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Cisco Content Services Gateway (CSG2), which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). 1) An error when checking access policies can be exploited to gain access to restricted sites by sending specially crafted HTTP packets. Successful exploitation of this vulnerability requires accessing a non-accounted site first. 2) An unspecified error can be exploited to cause the device to reload or hang via specially crafted TCP packets 3) A second unspecified error can be exploited to cause the device to reload or hang via specially crafted TCP packets Successful exploitation of these vulnerabilities requires only a single content service to be active. Additionally, a TCP three-way handshake is not required. Please see the vendor's advisory for a list of affected IOS Software. SOLUTION: Apply fixes (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: cisco-sa-20110126-csg2: http://www.cisco.com/en/US/products/products_security_advisory09186a0080b6791d.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 17:46:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 02:46:15 +0100 Subject: [SEC] [SA43045] PivotX "image" Cross-Site Scripting Vulnerability Message-ID: <201101270146.p0R1kF5n001596@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PivotX "image" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43045 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43045/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43045 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43045/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43045/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43045 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in PivotX, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "image" parameter in pivotx/modules/module_image.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.2.2. Other versions may also be affected. SOLUTION: Fixed in the SVN repository. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisories/PivotX.2.2.2_Reflected.Cross-site.Scripting_76.html http://sourceforge.net/projects/pivot-weblog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 18:10:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 03:10:57 +0100 Subject: [SEC] [SA43085] Red Hat update for java-1.6.0-openjdk Message-ID: <201101270210.p0R2Avj9022936@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-openjdk SECUNIA ADVISORY ID: SA43085 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43085/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43085 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43085/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43085/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43085 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-openjdk. This fixes a security issue and a vulnerability, which can be exploited by malicious people to disclose system information and compromise a user's system. For more information: SA42412 SA43002 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0176-1: https://rhn.redhat.com/errata/RHSA-2011-0176.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 18:45:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 03:45:46 +0100 Subject: [SEC] [SA43092] Greenbone Security Assistant Cross-Site Request Forgery Vulnerability Message-ID: <201101270245.p0R2jkih012256@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Greenbone Security Assistant Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA43092 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43092/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43092 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43092/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43092/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43092 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Greenbone Security Assistant, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. execute arbitrary commands in OpenVAS Manager by tricking a logged in administrative user into visiting a malicious web site. The vulnerability is reported in version 1.0.3. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: OVSA20110118: http://www.openvas.org/OVSA20110118.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 19:15:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 04:15:17 +0100 Subject: [SEC] [SA43043] Panda Products APPFLT.SYS Driver IOCTL Handling Vulnerabilities Message-ID: <201101270315.p0R3FHI0001770@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Panda Products APPFLT.SYS Driver IOCTL Handling Vulnerabilities SECUNIA ADVISORY ID: SA43043 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43043/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43043 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43043/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43043/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43043 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in certain Panda products, which can be exploited by malicious, local users to potentially gain escalated privileges. 1) Insufficient input validation in the APPFLT.SYS driver when processing 06660D4Ch and 06660D50h IOCTLs can be exploited to cause a buffer overflow. 2) Missing input validation in the APPFLT.SYS driver when processing the 06660E1Ch IOCTL can be exploited to corrupt memory by copying user-controlled data to an semi-arbitrary virtual memory address. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are confirmed in the following products: * Panda Global Protection 2010 version 3.01.00 (Appflt.sys version 2.3.0.8). * Panda Global Protection 2011 version 4.00.00 (Appflt.sys version 2.3.0.10). * Panda Internet Security 2011 version 16.00.00 (Appflt.sys version 2.3.0.10). SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Heurs Additional details provided by Secunia Research. ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/16022 http://www.exploit-db.com/exploits/16023 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 19:44:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 04:44:50 +0100 Subject: [SEC] [SA43022] Ubuntu update for hplip Message-ID: <201101270344.p0R3ioQ5023319@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for hplip SECUNIA ADVISORY ID: SA43022 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43022/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43022 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43022/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43022/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43022 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA42956 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1048-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001235.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 20:09:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 05:09:45 +0100 Subject: [SEC] [SA43031] Lomtec ActiveWeb Professional Arbitrary File Upload Vulnerability Message-ID: <201101270409.p0R49jnp012194@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Lomtec ActiveWeb Professional Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA43031 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43031/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43031 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43031/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43031/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43031 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Lomtec ActiveWeb Professional, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the EasyEdit.cfm script allowing the upload of arbitrary files to a folder inside the web root. This can be exploited to upload arbitrary files and e.g. execute arbitrary CFM code. The vulnerability is reported in version 3.0. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: StenoPlasma ORIGINAL ADVISORY: ExploitDevelopment: http://www.exploitdevelopment.com/Vulnerabilities/2010-WEB-002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 20:23:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 05:23:30 +0100 Subject: [SEC] [SA43040] PivotX "color" and "src" Cross-Site Scripting Vulnerabilities Message-ID: <201101270423.p0R4NUDW000526@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PivotX "color" and "src" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA43040 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43040/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43040 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43040/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43040/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43040 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in PivotX, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed to the "color" parameter in pivotx/includes/blogroll.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "src" parameter in pivotx/includes/timwrapper.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 2.2.0. Prior versions may also be affected. SOLUTION: Update to version 2.2.2. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: http://blog.pivotx.net/archive/2011/01/11/pivotx-222-released HTB22788: http://www.htbridge.ch/advisory/xss_in_pivotx.html HTB22790: http://www.htbridge.ch/advisory/xss_in_pivotx_1.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 20:44:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 05:44:38 +0100 Subject: [SEC] [SA43088] HP OpenView Storage Data Protector Unspecified Denial of Service Message-ID: <201101270444.p0R4icdQ021698@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: HP OpenView Storage Data Protector Unspecified Denial of Service SECUNIA ADVISORY ID: SA43088 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43088/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43088 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43088/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43088/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43088 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in the following versions: * HP OpenView Storage Data Protector version 6.11 running on Windows 2000, XP, 2003, 2008, and Vista. * HP OpenView Storage Data Protector version 6.10 running on Windows 2000, XP, 2003, 2008, and Vista. * HP OpenView Storage Data Protector version 6.0 running on Windows 2000, XP, and 2003. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02626 SSRT100301: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02699143 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 21:10:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 06:10:26 +0100 Subject: [SEC] [SA43041] PivotX Path Disclosure Weakness Message-ID: <201101270510.p0R5AQOx010626@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PivotX Path Disclosure Weakness SECUNIA ADVISORY ID: SA43041 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43041/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43041 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43041/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43041/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43041 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been discovered in PivotX, which can be exploited by malicious people to disclose certain system information. An error message caused by a non-existing file being passed to the "image" parameter in pivotx/modules/module_image.php leads to a full path disclosure of the location of the mentioned PHP file. The weakness is confirmed in version 2.2.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that system information isn't unnecessarily disclosed. PROVIDED AND/OR DISCOVERED BY: FAChwErk OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 21:23:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 06:23:39 +0100 Subject: [SEC] [SA43037] OpenVAS Manager Command Injection Vulnerability Message-ID: <201101270523.p0R5Nd2g031369@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: OpenVAS Manager Command Injection Vulnerability SECUNIA ADVISORY ID: SA43037 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43037/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43037 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43037/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43037/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43037 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in OpenVAS Manager, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an input validation error in the "email()" function in manage_sql.c while processing OMP (OpenVAS Management Protocol) requests. This can be exploited to inject and execute arbitrary shell commands via a specially crafted request sent using the Greenbone Security Assistant web application. The vulnerability is reported in versions 1.0.3 and prior. SOLUTION: Update to version 1.0.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits Ronald Kingma and Alexander van Eee, ISSX. ORIGINAL ADVISORY: OVSA20110118: http://www.openvas.org/OVSA20110118.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 21:44:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 06:44:41 +0100 Subject: [SEC] [SA43023] Opera Integer Truncation Vulnerability Message-ID: <201101270544.p0R5ifas020082@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Opera Integer Truncation Vulnerability SECUNIA ADVISORY ID: SA43023 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43023/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43023 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43023/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43023/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43023 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Opera, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer truncation error when processing certain specially crafted HTML pages and can be exploited by e.g. tricking a user into visiting a malicious website. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 10.50 and 11.00. Other versions may also be affected. SOLUTION: According to the vendor, this will be fixed in version 11.01 scheduled for release later this week. PROVIDED AND/OR DISCOVERED BY: Jordi Chancel ORIGINAL ADVISORY: https://www.alternativ-testing.fr/blog/index.php?post/2011/[CVE-XXXX-XXXX]-Opera-11-Integer-Truncation-Vulnerability OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jan 26 22:10:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 07:10:00 +0100 Subject: [SEC] [SA43064] WordPress Featured Content Plugin "param" Cross-Site Scripting Vulnerability Message-ID: <201101270610.p0R6A0iP008983@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress Featured Content Plugin "param" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43064 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43064/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43064 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43064/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43064/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43064 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in the Featured Content plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "param" parameter to wp-content/plugins/featured-content/js/modalbox/tests/functional/_ajax_method_get.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 0.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisories/WordPress.Featured.Content.0.0.1_Reflected.Cross-site.Scripting_88.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 10:30:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 19:30:58 +0100 Subject: [SEC] [SA43065] Debian update for openoffice.org Message-ID: <201101271830.p0RIUw0E009262@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for openoffice.org SECUNIA ADVISORY ID: SA43065 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43065/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43065 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43065/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43065/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43065 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for openoffice.org. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system. For more information: SA40775 SOLUTION: Install updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA 2151-1: http://lists.debian.org/debian-security-announce/2011/msg00015.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 11:30:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 20:30:57 +0100 Subject: [SEC] [SA43102] Fedora update for hplip Message-ID: <201101271930.p0RJUvJo032114@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for hplip SECUNIA ADVISORY ID: SA43102 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43102/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43102 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43102/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43102/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43102 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA42956 SOLUTION: Apply updated packages via the yum utility ("yum update hplip"). ORIGINAL ADVISORY: FEDORA-2011-0524: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053474.html FEDORA-2011-0525: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053472.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 12:31:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 21:31:33 +0100 Subject: [SEC] [SA43076] PRTG Network Monitor Cross-Site Scripting Vulnerabilities Message-ID: <201101272031.p0RKVXfV022613@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: PRTG Network Monitor Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA43076 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43076/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43076 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43076/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43076/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43076 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in PRTG Network Monitor, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "errormsg" parameter to login.htm and via the "errormsg" and "errorurl" parameters to error.htm is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 8.1.2.1809. Prior versions may also be affected. SOLUTION: Update to version 8.2.0.1898/1899. PROVIDED AND/OR DISCOVERED BY: Joshua Gimer ORIGINAL ADVISORY: PRTG Network Monitor: http://www.paessler.com/prtg/prtg8history Joshua Gimer: http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0479.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 13:31:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 22:31:29 +0100 Subject: [SEC] [SA43079] Oracle PDF Import Extension Xpdf Vulnerabilities Message-ID: <201101272131.p0RLVTJV013068@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Oracle PDF Import Extension Xpdf Vulnerabilities SECUNIA ADVISORY ID: SA43079 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43079/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43079 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43079/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43079/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43079 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in the Oracle PDF Import Extension for OpenOffice.org / Oracle Open Office, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to the use of vulnerable Xpdf code. For more information: SA41709 SOLUTION: Update to version 1.0.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.openoffice.org/security/cves/CVE-2010-3702_CVE-2010-3704.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 14:25:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 23:25:15 +0100 Subject: [SEC] [SA43106] Symantec Quarantine Server Intel Alert Management System Multiple Vulnerabilities Message-ID: <201101272225.p0RMPFVp003228@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Symantec Quarantine Server Intel Alert Management System Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43106 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43106/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43106 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43106/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43106/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43106 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Symantec Quarantine Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. For more information: SA43099 The vulnerabilities are reported in versions 3.5 and 3.6. SOLUTION: Upgrade to SAVCE 10.1 MR10 or SEP 11.0 MR3. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 14:46:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Jan 2011 23:46:04 +0100 Subject: [SEC] [SA43099] Symantec Products Intel Alert Management System Multiple Vulnerabilities Message-ID: <201101272246.p0RMk4Kg024334@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Symantec Products Intel Alert Management System Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43099 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43099/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43099 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43099/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43099/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43099 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Symantec products, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. 1) An error in the Intel AMS2 component when processing certain messages can be exploited to cause a buffer overflow via specially crafted packets sent to TCP port 38292. 2) An error in the Intel AMS2 component when processing certain messages can be exploited to run arbitrary commands via specially crafted packets sent to TCP port 38292. 3) An error in the Intel AMS2 component when processing certain messages can be exploited to create arbitrary events (e.g. launch a program or send an email) via specially crafted messages sent to TCP port 38292. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. 4) An error in the Intel AMS2 component when processing certain messages can be exploited to crash the Intel Alert Handler service via specially crafted packets sent to TCP port 38292. The vulnerabilities are reported in the following products: * Symantec AntiVirus Corporate Edition Server 10.x. * Symantec System Center 10.x SOLUTION: Update to version 10.1 MR10. PROVIDED AND/OR DISCOVERED BY: The vendor credits the following people: * Junaid Bohio, Telus Security Labs. * An anonymous researcher via ZDI. * Jorge Lucangeli Obes, CORE Security. ORIGINAL ADVISORY: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20110126_00 http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&suid=20110126_01 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 15:17:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 00:17:40 +0100 Subject: [SEC] [SA43103] Fedora update for myproxy Message-ID: <201101272317.p0RNHeqk013622@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for myproxy SECUNIA ADVISORY ID: SA43103 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43103/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43103 RELEASE DATE: 2011-01-27 DISCUSS ADVISORY: http://secunia.com/advisories/43103/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43103/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43103 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for myproxy. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA42972 SOLUTION: Apply updated packages via the yum utility ("yum update myproxy"). ORIGINAL ADVISORY: FEDORA-2011-0512: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053473.html FEDORA-2011-0514: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053461.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 15:48:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 00:48:13 +0100 Subject: [SEC] [SA43006] ISC DHCPv6 Message Processing Denial of Service Vulnerability Message-ID: <201101272348.p0RNmDtS002733@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: ISC DHCPv6 Message Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA43006 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43006/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43006 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43006/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43006/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43006 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is cause due to an error when processing DHCPv6 messages for a previously declined address. This can be exploited to cause an assertion failure and crash the service. NOTE: This affects DHCP version 6 servers only; DHCPv4 is not affected. SOLUTION: Update to version 4.1.2-P1, 4.1-ESV-R1, and 4.2.1b1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.isc.org/software/dhcp/advisories/cve-2011-0413 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 16:14:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 01:14:09 +0100 Subject: [SEC] [SA43078] Ubuntu update for openjdk-6 Message-ID: <201101280014.p0S0E9NN024087@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for openjdk-6 SECUNIA ADVISORY ID: SA43078 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43078/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43078 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43078/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43078/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43078 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for openjdk-6. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the "JNLPSecurityManager" class not properly enforcing security policies, which can be exploited to e.g. execute arbitrary code by tricking a user into opening a specially crafted website. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Independently discovered by Omar Majid and an anonymous reporter via ZDI. ORIGINAL ADVISORY: USN-1052-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001236.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 16:47:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 01:47:58 +0100 Subject: [SEC] [SA43074] Vanilla Forums "Target" Cross-Site Scripting Vulnerability Message-ID: <201101280047.p0S0lwnU013370@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Vanilla Forums "Target" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43074 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43074/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43074 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43074/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43074/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43074 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Vanilla Forums, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "Target" parameter to index.php (when "p" is set to "/entry/signin") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.0.16. Prior versions may also be affected. SOLUTION: Update to version 2.0.17.6. PROVIDED AND/OR DISCOVERED BY: YGN Ethical Hacker Group ORIGINAL ADVISORY: Vanilla Forums: http://www.vanillaforums.org/discussion/14397/vanilla-2.0.17-released YGN Ethical Hacker Group: http://yehg.net/lab/pr0js/advisories/[vanilla_forums-2.0.16]_cross_site_scripting OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 17:17:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 02:17:41 +0100 Subject: [SEC] [SA43096] XNova Cross-Site Request Forgery Vulnerability Message-ID: <201101280117.p0S1Hfml002433@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: XNova Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA43096 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43096/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43096 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43096/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43096/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43096 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in XNova, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without making proper validity checks to verify the requests. This can be exploited to e.g. change an user's access level to "Administrateur" by tricking an administrator into visiting a malicious web site while being logged-in to the application. The vulnerability is confirmed in version 2009.2. Other versions may also be affected. SOLUTION: Do not browse untrusted web sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Xploit A Day ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/16059 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 17:45:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 02:45:47 +0100 Subject: [SEC] [SA43104] ISC DHCPv6 Message Processing Denial of Service Vulnerability Message-ID: <201101280145.p0S1jloN023905@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: ISC DHCPv6 Message Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA43104 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43104/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43104 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43104/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43104/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43104 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ISC DHCP, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43006 SOLUTION: Upgrade to version 4.1.2-P1, 4.1-ESV-R1, or 4.2.1b1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.isc.org/software/dhcp/advisories/cve-2011-0413 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 18:11:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 03:11:24 +0100 Subject: [SEC] [SA43072] WordPress WP Featured Post with Thumbnail Plugin "src" Cross-Site Scripting Vulnerability Message-ID: <201101280211.p0S2BOkZ012829@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: WordPress WP Featured Post with Thumbnail Plugin "src" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43072 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43072/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43072 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43072/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43072/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43072 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the WP Featured Post with thumbnail plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "src" parameter to wp-content/plugins/wp-featured-post-with-thumbnail/scripts/timthumb.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 3.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisories/WordPress.WP.Featured.Post.with.thumbnail.3.0_Reflected.Cross-site.Scripting_81.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 18:46:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 03:46:07 +0100 Subject: [SEC] [SA43004] Ubuntu update for awstats Message-ID: <201101280246.p0S2k7hD002090@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Ubuntu update for awstats SECUNIA ADVISORY ID: SA43004 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43004/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43004 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43004/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43004/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43004 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for awstats. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA20164 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1047-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-January/001233.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jan 27 19:19:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 04:19:34 +0100 Subject: [SEC] [SA42995] syslog-ng Insecure Log File Permissions Security Issue Message-ID: <201101280319.p0S3JYLZ024296@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: syslog-ng Insecure Log File Permissions Security Issue SECUNIA ADVISORY ID: SA42995 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42995/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42995 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/42995/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42995/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42995 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in syslog-ng, which can be exploited by malicious, local users to disclose potentially sensitive information and manipulate certain data. The security issue is caused due to a type casting error when assigning file permissions to a log file making it world-writable (chmod 7777). This can be exploited by an unprivileged user to modify the contents of the file. Successful exploitation requires that the application is installed on a platform where "mod_t" type is an unsigned short (e.g. FreeBSD). The security issue is reported in the following products: * syslog-ng Open Source Edition versions prior to 3.0.10, prior to 3.1.4, and prior to 3.2.2. * syslog-ng Premium Edition versions prior to 3.0.6a and prior to 3.2.1a. SOLUTION: Update to a fixed version. PROVIDED AND/OR DISCOVERED BY: The vendor credits Steven Chamberlain. ORIGINAL ADVISORY: https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000101.html https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000102.html https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000103.html https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000104.html https://lists.balabit.com/pipermail/syslog-ng-announce/2011-January/000105.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 10:30:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 19:30:29 +0100 Subject: [SEC] [SA42999] Red Hat update for openoffice.org Message-ID: <201101281830.p0SIUTZH020683@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for openoffice.org SECUNIA ADVISORY ID: SA42999 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/42999/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=42999 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/42999/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/42999/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=42999 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for openoffice.org. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a user's system. For more information: SA40775 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0182-1: http://rhn.redhat.com/errata/RHSA-2011-0182.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 11:30:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 20:30:23 +0100 Subject: [SEC] [SA43100] Red Hat update for pango and evolution28-pango Message-ID: <201101281930.p0SJUNFM011143@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for pango and evolution28-pango SECUNIA ADVISORY ID: SA43100 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43100/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43100 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43100/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43100/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43100 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for pango and evolution28-pango. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA42934 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0180-1: https://rhn.redhat.com/errata/RHSA-2011-0180.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 12:31:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 21:31:03 +0100 Subject: [SEC] [SA43097] Weborf HTTP Header Parsing Signedness Vulnerability Message-ID: <201101282031.p0SKV3qb001576@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Weborf HTTP Header Parsing Signedness Vulnerability SECUNIA ADVISORY ID: SA43097 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43097/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43097 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43097/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43097/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43097 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Weborf, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to a signedness error in the "get_param_value()" function (utils.c) when parsing HTTP header values. This can be exploited to cause a stack-based buffer overflow via a specially crafted e.g. "Content-Length" HTTP header. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 0.12.4. Prior versions may also be affected. SOLUTION: Update to version 0.12.5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://galileo.dmi.unict.it/svn/weborf/trunk/CHANGELOG OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 13:30:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 22:30:32 +0100 Subject: [SEC] [SA43109] Fedora update for chm2pdf Message-ID: <201101282130.p0SLUWmp024487@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for chm2pdf SECUNIA ADVISORY ID: SA43109 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43109/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43109 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43109/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43109/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43109 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for chm2pdf. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges or to cause a DoS (Denial of Service). For more information: SA32257 SOLUTION: Apply updated packages via the yum utility ("yum update chm2pdf"). ORIGINAL ADVISORY: FEDORA-2011-0467: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053501.html FEDORA-2011-0454: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053510.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 14:24:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 23:24:53 +0100 Subject: [SEC] [SA43083] Debian update for hplip Message-ID: <201101282224.p0SMOr72014702@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for hplip SECUNIA ADVISORY ID: SA43083 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43083/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43083 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43083/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43083/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43083 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for hplip. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA42956 SOLUTION: Install updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2152-1: http://lists.debian.org/debian-security-announce/2011/msg00016.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 14:46:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Jan 2011 23:46:06 +0100 Subject: [SEC] [SA43090] Puppet Missing "auth.conf" Security Issue Message-ID: <201101282246.p0SMk6PV003398@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Puppet Missing "auth.conf" Security Issue SECUNIA ADVISORY ID: SA43090 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43090/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43090 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43090/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43090/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43090 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Puppet, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data. The security issue is caused due to Puppet not properly restricting access under certain conditions, which can be exploited to e.g. disclose certain information or manipulate certain resources. Successful exploitation against servers requires that the auth.conf file is missing and the attacker has SSL credentials of another node. Successful exploitation against clients requires that the auth.conf file is missing, the client is running as daemon in "listen" mode, the attacker's host is in namespaceauth.conf, and the attacker has SSL credentials of another node. The security issue is reported in versions 2.6.x prior to 2.6.4. SOLUTION: Update to version 2.6.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.mail-archive.com/puppet-users at googlegroups.com/msg16429.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 15:17:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Jan 2011 00:17:00 +0100 Subject: [SEC] [SA43030] IBM Tivoli Common Reporting Unspecified Vulnerabilities Message-ID: <201101282317.p0SNH0m6025067@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM Tivoli Common Reporting Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA43030 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43030/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43030 RELEASE DATE: 2011-01-28 DISCUSS ADVISORY: http://secunia.com/advisories/43030/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43030/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43030 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged some vulnerabilities with unknown impact in IBM Tivoli Common Reporting. The vulnerabilities exist in the bundled version of WebSphere Application Server. This may be related to: SA42136 SOLUTION: Apply APAR IY99978 or update to Tivoli Common Reporting 1.2.0 Interim Fix 9. ORIGINAL ADVISORY: IBM (IY99978): http://www.ibm.com/support/docview.wss?uid=swg1IY99978 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 15:48:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Jan 2011 00:48:27 +0100 Subject: [SEC] [SA43059] IBM DB2 Administration Server Buffer Overflow Vulnerability Message-ID: <201101282348.p0SNmRnq014252@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM DB2 Administration Server Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA43059 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43059/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43059 RELEASE DATE: 2011-01-29 DISCUSS ADVISORY: http://secunia.com/advisories/43059/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43059/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43059 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM DB2, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error in the DAS (DB2 Administration Server) server and can be exploited to cause a buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability are reported in the following versions: * IBM DB2 versions prior to 9.1 Fix Pack 10. * IBM DB2 versions prior to 9.5 Fix Pack 7. * IBM DB2 versions prior to 9.7 Fix Pack 3. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person via ZDI. ORIGINAL ADVISORY: IBM(IC71203, IC72028, IC72029) https://www-01.ibm.com/support/docview.wss?uid=swg1IC71203 https://www-01.ibm.com/support/docview.wss?uid=swg1IC72028 https://www-01.ibm.com/support/docview.wss?uid=swg1IC72029 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 16:13:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Jan 2011 01:13:29 +0100 Subject: [SEC] [SA43113] EMC NetWorker RPC Library "nsrexecd" Daemon Security Bypass Message-ID: <201101290013.p0T0DTng003126@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: EMC NetWorker RPC Library "nsrexecd" Daemon Security Bypass SECUNIA ADVISORY ID: SA43113 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43113/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43113 RELEASE DATE: 2011-01-29 DISCUSS ADVISORY: http://secunia.com/advisories/43113/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43113/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43113 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in EMC NetWorker, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the RPC library (librpc.dll) within the "nsrexecd" daemon when performing access control for service commands. This can be exploited to bypass some access restrictions and execute certain service commands (e.g. unregister or register RPC services) via spoofed UDP packets. The vulnerability is reported in the following products: * EMC NetWorker versions prior to 7.5.3.5. * EMC NetWorker versions prior to 7.6.1.2. SOLUTION: Update to version 7.5.3.5, 7.5 SP4 or later, and 7.6.1.2 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person via ZDI. ORIGINAL ADVISORY: EMC: http://archives.neohapsis.com/archives/bugtraq/2011-01/att-0162/ESA-2011-003.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jan 28 16:47:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Jan 2011 01:47:32 +0100 Subject: [SEC] [SA43098] RealPlayer AVI Header Parsing Buffer Overflow Vulnerability Message-ID: <201101290047.p0T0lWjb024848@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: RealPlayer AVI Header Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA43098 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43098/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43098 RELEASE DATE: 2011-01-29 DISCUSS ADVISORY: http://secunia.com/advisories/43098/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43098/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43098 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RealPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the vidplin.dll module while parsing the AVI header and can be exploited to cause a heap-based buffer overflow by e.g. tricking a user into opening a malicious AVI file. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 14.0.1 and prior, SP 1.1.5 and prior, and 11.1 and prior. SOLUTION: Update to version 14.0.2. PROVIDED AND/OR DISCOVERED BY: Juan Pablo Lopez Yacubian via ZDI. ORIGINAL ADVISORY: RealNetworks: http://service.real.com/realplayer/security/01272011_player/en/ ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-033/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jan 29 10:31:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Jan 2011 19:31:10 +0100 Subject: [SEC] [SA43093] Microsoft Windows MHTML Cross-Site Scripting Vulnerability Message-ID: <201101291831.p0TIVA5s028620@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Microsoft Windows MHTML Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43093 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43093/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43093 RELEASE DATE: 2011-01-29 DISCUSS ADVISORY: http://secunia.com/advisories/43093/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43093/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43093 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting attacks. The vulnerability is caused due to an error in the way the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler interprets MIME-formatted requests for content blocks within a document. This can e.g. be exploited via Internet Explorer to execute arbitrary HTML and script code in a user's browser session in context of a web site. SOLUTION: Enable MHTML protocol lockdown (either manually or using the available automated "Microsoft Fix it" solution). Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: d4rkwind ORIGINAL ADVISORY: Microsoft: http://www.microsoft.com/technet/security/advisory/2501696.mspx Ph4nt0m Webzine 0x05 (Chinese): http://www.80vul.com/webzine_0x05/0x05%20IE%E4%B8%8BMHTML%E5%8D%8F%E8%AE%AE%E5%B8%A6%E6%9D%A5%E7%9A%84%E8%B7%A8%E5%9F%9F%E5%8D%B1%E5%AE%B3.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 10:31:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Jan 2011 19:31:22 +0100 Subject: [SEC] [SA43108] Virtuosa ASX Playlist Processing Buffer Overflow Vulnerability Message-ID: <201101311831.p0VIVMn0016042@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Virtuosa ASX Playlist Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA43108 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43108/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43108 RELEASE DATE: 2011-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/43108/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43108/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43108 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Virtuosa, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when importing ASX playlist files and can be exploited to cause a stack-based buffer overflow via an overly long HREF attribute in the REF element. Successful exploitation allows execution of arbitrary code, but requires tricking a user into importing a malicious ASX file. The vulnerability is confirmed in version 5.2. Other versions may also be affected. SOLUTION: Do not import ASX playlist files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Acidgen OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 11:30:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Jan 2011 20:30:46 +0100 Subject: [SEC] [SA43148] IBM DB2 "DBADM" Privilege Revocation Security Bypass Message-ID: <201101311930.p0VJUkC7006492@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: IBM DB2 "DBADM" Privilege Revocation Security Bypass SECUNIA ADVISORY ID: SA43148 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43148/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43148 RELEASE DATE: 2011-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/43148/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43148/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43148 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in IBM DB2, which can be exploited by malicious users to bypass certain security restrictions. The security issue is caused due to an error in the application while revoking "DBADM" privileges. This can lead to users still being able to execute non-DDL statements. The security issue is reported in the following versions: * IBM DB2 9.1 prior to Fix Pack 10. * IBM DB2 9.5 prior to Fix Pack 6a. * IBM DB2 9.7 prior to Fix Pack 2. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IC66811, IC66814, and IC66815) http://www.ibm.com/support/docview.wss?uid=swg21426108 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 12:31:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Jan 2011 21:31:57 +0100 Subject: [SEC] [SA43128] Debian update for exim4 Message-ID: <201101312031.p0VKVvLR029428@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for exim4 SECUNIA ADVISORY ID: SA43128 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43128/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43128 RELEASE DATE: 2011-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/43128/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43128/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43128 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for exim4. This fixes a weakness, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA42930 SA43101 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2154-1: http://lists.debian.org/debian-security-announce/2011/msg00018.html DSA-2154-2: http://lists.debian.org/debian-security-announce/2011/msg00020.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 13:30:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Jan 2011 22:30:11 +0100 Subject: [SEC] [SA43112] Debian update for pcscd Message-ID: <201101312130.p0VLUBNZ019827@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for pcscd SECUNIA ADVISORY ID: SA43112 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43112/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43112 RELEASE DATE: 2011-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/43112/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43112/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43112 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for pcscd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA42659 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2156-1: http://lists.debian.org/debian-security-announce/2011/msg00021.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 14:24:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Jan 2011 23:24:12 +0100 Subject: [SEC] [SA43138] Debian update for freetype Message-ID: <201101312224.p0VMOCwA010028@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for freetype SECUNIA ADVISORY ID: SA43138 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43138/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43138 RELEASE DATE: 2011-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/43138/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43138/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43138 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for freetype. This fixes some vulnerabilities, which can be exploited to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA41738 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA 2155-1: http://lists.debian.org/debian-security-announce/2011/msg00019.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 14:45:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Jan 2011 23:45:40 +0100 Subject: [SEC] [SA43147] Fedora update for perl-CGI-Simple Message-ID: <201101312245.p0VMje2k031163@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Fedora update for perl-CGI-Simple SECUNIA ADVISORY ID: SA43147 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43147/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43147 RELEASE DATE: 2011-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/43147/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43147/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43147 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for perl-CGI-Simple. This fixes two vulnerabilities, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the library. For more information: SA42443 SA42461 SOLUTION: Apply updated packages via the yum utility ("yum update perl-CGI-Simple"). ORIGINAL ADVISORY: FEDORA-2011-0631: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053576.html FEDORA-2011-0653: http://lists.fedoraproject.org/pipermail/package-announce/2011-January/053591.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 15:14:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Feb 2011 00:14:18 +0100 Subject: [SEC] [SA43101] Exim "open_log()" Privilege Escalation Security Issue Message-ID: <201101312314.p0VNEIkP020225@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Exim "open_log()" Privilege Escalation Security Issue SECUNIA ADVISORY ID: SA43101 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43101/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43101 RELEASE DATE: 2011-01-31 DISCUSS ADVISORY: http://secunia.com/advisories/43101/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43101/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43101 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Exim, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due the "open_log()" function in log.c incorrectly checking the return values of e.g. the "setuid()" and "setgid()" functions, which can be exploited to append data to arbitrary files via symlink attacks. SOLUTION: Update to version 4.74. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://lists.exim.org/lurker/message/20110126.034702.4d69c278.en.html ftp://ftp.exim.org/pub/exim/ChangeLogs/ChangeLog-4.74 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 15:49:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Feb 2011 00:49:42 +0100 Subject: [SEC] [SA43046] web@all Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201101312349.p0VNng7J009701@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: web at all Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA43046 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43046/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43046 RELEASE DATE: 2011-02-01 DISCUSS ADVISORY: http://secunia.com/advisories/43046/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43046/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43046 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Russ McRee has discovered some vulnerabilities in web at all, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "_sv" parameter to search.php is not properly sanitised in dat/cache_tpl/web/search.htm.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via various parameters to multiple files is not properly sanitised in dat/cache_tpl/web/_msg.htm.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Examples: http://[host]/login.php?act=[code] http://[host]/search.php?_sk=[code] http://[host]/plus.php?_file=[code] http://[host]/mem/action.php?_act=[code] http://[host]/sys/action.php?_act=[code] http://[host]/sys/index.php?_file=[code] 3) Input passed e.g. via the "filename" parameter to mem/action.php (when "_lib" , "_file" , "_act" , and "category_id" are set) is not properly sanitised in lib/article/article_mem_add.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 1.1. Prior versions may also be affected. SOLUTION: Update to version 1.1.1. PROVIDED AND/OR DISCOVERED BY: 1) Independently reported by Russ McRee via Secunia and Vinz. 2, 3) Russ McRee via Secunia. ORIGINAL ADVISORY: web at all: http://webatall.com/en/download/program/program_5_6_1.html Russ McRee: http://holisticinfosec.org/content/view/175/45/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 16:14:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Feb 2011 01:14:56 +0100 Subject: [SEC] [SA43061] Polycom SoundPoint IP Phones HTTP Denial of Service Vulnerability Message-ID: <201102010014.p110EuiH031022@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Polycom SoundPoint IP Phones HTTP Denial of Service Vulnerability SECUNIA ADVISORY ID: SA43061 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43061/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43061 RELEASE DATE: 2011-02-01 DISCUSS ADVISORY: http://secunia.com/advisories/43061/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43061/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43061 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Pawel Gawinek has reported a vulnerability in Polycom SoundPoint IP Phones, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing the "Authorization" header of HTTP requests. This can be exploited to cause a device to restart via a specially crafted web request. The vulnerability is reported in the following products (other versions may also be affected): * SoundPoint IP 335 version 3.2.4.1734. * SoundPoint IP 430 version 3.2.3.1734 * SoundPoint IP 450 version 4.2.2.0710. SOLUTION: Update to the latest version. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: Pawel Gawinek ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-01/0495.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 16:48:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Feb 2011 01:48:51 +0100 Subject: [SEC] [SA43140] Hitachi JP1/NETM/DM Products Two Vulnerabilities Message-ID: <201102010048.p110mplk020314@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Hitachi JP1/NETM/DM Products Two Vulnerabilities SECUNIA ADVISORY ID: SA43140 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43140/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43140 RELEASE DATE: 2011-02-01 DISCUSS ADVISORY: http://secunia.com/advisories/43140/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43140/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43140 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in various Hitachi products, which can be exploited by malicious, local users to potentially gain knowledge of sensitive information and malicious people to cause a DoS (Denial of Service). 1) The permissions for certain files are not properly set, which allows local users to access files that they are not intended to access. 2) An unspecified error can be exploited to cause a DoS. SOLUTION: Update to fixed versions (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HS11-001 (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-001/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 17:15:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Feb 2011 02:15:53 +0100 Subject: [SEC] [SA43127] Debian update for linux-2.6 Message-ID: <201102010115.p111FrJf009323@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Debian update for linux-2.6 SECUNIA ADVISORY ID: SA43127 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43127/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43127 RELEASE DATE: 2011-02-01 DISCUSS ADVISORY: http://secunia.com/advisories/43127/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43127/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43127 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for linux-2.6. This fixes some weaknesses, security issues, and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges, and by malicious people to cause a DoS. For more information: SA42035 SA42148 SA42176 SA42187 SA42354 SA42372 SA42570 SA42684 SA42765 SA42964 SA43009 1) An error within the Econet protocol implementation can be exploited to cause a crash by sending Acorn Universal Networking packets over UDP. SOLUTION: Install updated packages via the apt-get package manager. PROVIDED AND/OR DISCOVERED BY: 1) Nelson Elhage ORIGINAL ADVISORY: DSA-2153-1: http://lists.debian.org/debian-security-announce/2011/msg00017.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 17:45:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Feb 2011 02:45:48 +0100 Subject: [SEC] [SA43118] Red Hat update for openoffice.org Message-ID: <201102010145.p111jm4W030834@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: Red Hat update for openoffice.org SECUNIA ADVISORY ID: SA43118 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43118/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43118 RELEASE DATE: 2011-02-01 DISCUSS ADVISORY: http://secunia.com/advisories/43118/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43118/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43118 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for openoffice.org. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA40775 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0181-1: https://rhn.redhat.com/errata/RHSA-2011-0181.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jan 31 18:10:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Feb 2011 03:10:42 +0100 Subject: [SEC] [SA43131] VLC Media Player MKV Demuxer "MKV_IS_ID" Vulnerability Message-ID: <201102010210.p112AggA019719@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secure your corporate defenses and reduce complexity in handling vulnerability threats with the new Secunia Vulnerability Intelligence Manager (VIM). Request a free trial: http://secunia.com/products/corporate/vim/ ---------------------------------------------------------------------- TITLE: VLC Media Player MKV Demuxer "MKV_IS_ID" Vulnerability SECUNIA ADVISORY ID: SA43131 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43131/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43131 RELEASE DATE: 2011-02-01 DISCUSS ADVISORY: http://secunia.com/advisories/43131/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43131/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43131 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in VLC Media Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an input validation error within the "MKV_IS_ID" macro in modules/demux/mkv/mkv.hpp of the MKV demuxer. This can be exploited to execute arbitrary code by e.g. tricking a user into opening a specially crafted MKV file The vulnerability is reported in version 1.1.6.1 and earlier. SOLUTION: Fixed in the GIT repository. Reportedly, version 1.1.7 will address this issue. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Dan Rosenberg, VSR. ORIGINAL ADVISORY: VideoLAN-SA-1102: http://www.videolan.org/security/sa1102.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ----------------------------------------------------------------------