From sec-adv at secunia.com Wed Jun 1 10:32:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 19:32:15 +0200 Subject: [SEC] [SA44808] SUSE update for gdm Message-ID: <201106011732.p51HWFGW008236@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for gdm SECUNIA ADVISORY ID: SA44808 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44808/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44808 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44808/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44808/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44808 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for gdm. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA44797 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0581-1: https://hermes.opensuse.org/messages/8643655 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 11:32:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 20:32:41 +0200 Subject: [SEC] [SA44765] Debian update for ejabberd Message-ID: <201106011832.p51IWfQm031145@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for ejabberd SECUNIA ADVISORY ID: SA44765 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44765/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44765 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44765/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44765/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44765 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for ejabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44807 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2248-1: http://www.debian.org/security/2011/dsa-2248 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 12:32:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 21:32:51 +0200 Subject: [SEC] [SA44772] SecureSphere Web Application Firewall Database Events Script Insertion Vulnerability Message-ID: <201106011932.p51JWp93021653@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SecureSphere Web Application Firewall Database Events Script Insertion Vulnerability SECUNIA ADVISORY ID: SA44772 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44772/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44772 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44772/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44772/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44772 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SecureSphere Web Application Firewall, which can be exploited by malicious people to conduct script insertion attacks. Certain input passed to a web server protected by SecureSphere is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in an administrator's browser session in context of an affected site when the administrator views database events. The vulnerability is reported in version 6.2, 7.x, and 8.x. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Sean Talbot, Dell SecureWorks ORIGINAL ADVISORY: Imperva: http://www.imperva.com/resources/adc/adc_advisories_response_secureworks.html SecureWorks: http://www.secureworks.com/research/advisories/SWRX-2011-001/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 13:32:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 22:32:44 +0200 Subject: [SEC] [SA44753] WatchGuard XCS "STARTTLS" Plaintext Injection Vulnerability Message-ID: <201106012032.p51KWiVY012124@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: WatchGuard XCS "STARTTLS" Plaintext Injection Vulnerability SECUNIA ADVISORY ID: SA44753 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44753/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44753 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44753/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44753/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44753 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in WatchGuard XCS, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to the TLS implementation not properly clearing transport layer buffers when upgrading from plaintext to ciphertext after receiving the "STARTTLS" command. This can be exploited to insert arbitrary plaintext data (e.g. SMTP commands) during the plaintext phase, which will then be executed after upgrading to the TLS ciphertext phase. The vulnerability is reported in versions 9.0 and 9.1. SOLUTION: Apply fixes. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Wietse Venema ORIGINAL ADVISORY: WatchGuard: http://www.watchguard.com/support/release-notes/xcs/9/en-US/EN_ReleaseNotes_XCS_9_1_1/EN_ReleaseNotes_WG_XCS_9_1_TLS_Hotfix.pdf US-CERT VU#555316: http://www.kb.cert.org/vuls/id/555316 http://www.kb.cert.org/vuls/id/MAPG-8D9M75 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 14:26:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 23:26:33 +0200 Subject: [SEC] [SA44807] ejabberd Nested XML Entities Denial of Service Vulnerability Message-ID: <201106012126.p51LQXCu002289@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: ejabberd Nested XML Entities Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44807 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44807/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44807 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44807/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44807/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44807 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ejabberd, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the parsing of certain XML input, which can be exploited to e.g. cause a high CPU and memory consumption via heavily nested XML entities. The vulnerability is reported in version 2.1.6. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Debian credits Wouter Coekaerts. ORIGINAL ADVISORY: https://git.process-one.net/ejabberd/mainline/commit/bd1df027c622e1f96f9eeaac612a6a956c1ff0b6 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 14:47:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 23:47:30 +0200 Subject: [SEC] [SA44774] Ubuntu update for linux and linux-ec2 Message-ID: <201106012147.p51LlUms023463@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Ubuntu update for linux and linux-ec2 SECUNIA ADVISORY ID: SA44774 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44774/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44774 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44774/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44774/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44774 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux and linux-ec2. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system and potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS, and by malicious people to cause a DoS. For more information: SA38499 SA42684 SA43009 SA43522 SA43569 SA43693 SA43806 SA43966 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1141-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001342.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 15:12:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 00:12:30 +0200 Subject: [SEC] [SA44788] Debian update for citadel Message-ID: <201106012212.p51MCUpt012396@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for citadel SECUNIA ADVISORY ID: SA44788 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44788/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44788 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44788/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44788/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44788 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for citadel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44787 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2250-1: http://www.debian.org/security/2011/dsa-2250 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 15:47:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 00:47:11 +0200 Subject: [SEC] [SA44797] GNOME Display Manager URI Scheme Handler Security Issue Message-ID: <201106012247.p51MlB5K001689@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: GNOME Display Manager URI Scheme Handler Security Issue SECUNIA ADVISORY ID: SA44797 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44797/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44797 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44797/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44797/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44797 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in GNOME Display Manager, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to a URI scheme handler configuration error and can be exploited to launch a default browser in a GDM session with the privileges of the GDM user. The security issue is reported in version 2.32.1 and prior. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://ftp.gnome.org/pub/GNOME/sources/gdm/2.32/gdm-2.32.2.news OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 16:12:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 01:12:58 +0200 Subject: [SEC] [SA44779] Symantec Products KeyView PRZ Processing Buffer Overflow Vulnerability Message-ID: <201106012312.p51NCwMh023110@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Symantec Products KeyView PRZ Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44779 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44779/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44779 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44779/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44779/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44779 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in various Symantec products, which can be exploited by malicious people to compromise a user's system. For more information see vulnerability #6 in: SA44624 Please see the vendor's advisory for the list for affected products. SOLUTION: Update to a fixed version (please see the vendor's security advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits alino, binaryhouse.net via iDefense Labs. ORIGINAL ADVISORY: Symantec: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110531_00 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 16:47:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 01:47:15 +0200 Subject: [SEC] [SA44799] Pika CMS "file" Local File Disclosure Vulnerability Message-ID: <201106012347.p51NlFCM012442@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Pika CMS "file" Local File Disclosure Vulnerability SECUNIA ADVISORY ID: SA44799 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44799/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44799 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44799/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44799/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44799 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Pika CMS, which can be exploited by malicious people to disclose sensitive information. Input passed via the "file" parameter to gabime/showSource.php is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files from local resources via directory traversal attacks. The vulnerability is confirmed in version 1.7. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: KnocKout OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 17:14:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 02:14:52 +0200 Subject: [SEC] [SA44805] Wyse ThinOS Denial of Service Vulnerability Message-ID: <201106020014.p520EqO9001417@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Wyse ThinOS Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44805 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44805/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44805 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44805/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44805/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44805 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Georg Fritsch has reported a vulnerability in Wyse ThinOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing certain network packets. For more information: SA44465 The vulnerability is reported in version 6.5. Other versions may also be affected. SOLUTION: Fixed in the latest 6.3.x version and version 7.0_217. PROVIDED AND/OR DISCOVERED BY: Georg Fritsch, Fritsch, Chiari & Partner ZT GmbH OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 17:47:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 02:47:27 +0200 Subject: [SEC] [SA44810] AnyMacro Mail System Directory Traversal Vulnerability Message-ID: <201106020047.p520lRP9023133@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: AnyMacro Mail System Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44810 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44810/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44810 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44810/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44810/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44810 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in AnyMacro Mail System, which can be exploited by malicious people to disclose sensitive information. Certain unspecified input passed to the web interface is not properly verified before being used. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks. The vulnerability is reported in version G4X. SOLUTION: Apply patch. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: CN-CERT credits Dillon Beresford, NSS Labs. ORIGINAL ADVISORY: CN-CERT: http://www.cnvd.org.cn/vulnerability/CNVD-2011-05282 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 18:12:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 03:12:07 +0200 Subject: [SEC] [SA44795] Debian update for jabberd14 Message-ID: <201106020112.p521C6Nf012031@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for jabberd14 SECUNIA ADVISORY ID: SA44795 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44795/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44795 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44795/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44795/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44795 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for jabberd14. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44787 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2249-1: http://www.debian.org/security/2011/dsa-2249 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 18:47:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 03:47:02 +0200 Subject: [SEC] [SA44787] jabberd Nested XML Entities Denial of Service Vulnerability Message-ID: <201106020147.p521l2hI001345@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: jabberd Nested XML Entities Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44787 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44787/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44787 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44787/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44787/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44787 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in jabberd, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the parsing of certain XML input, which can be exploited to e.g. cause a high CPU and memory consumption via heavily nested XML entities. The vulnerability is reported in versions prior to 2.2.14. SOLUTION: Update to version 2.2.14. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.mail-archive.com/jabberd2 at lists.xiaoka.com/msg01655.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 19:16:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 04:16:10 +0200 Subject: [SEC] [SA44792] Red Hat update for kernel Message-ID: <201106020216.p522GAEJ024506@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA44792 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44792/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44792 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44792/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44792/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44792 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges, by malicious, local users to disclose system information and cause a DoS, and by malicious people to cause a DoS. For more information: SA43537 SA43803 SA43806 1) A boundary error within the "get_free_port()" function can be exploited to cause a crash and potentially gain escalated privileges. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0833-01: https://rhn.redhat.com/errata/RHSA-2011-0833.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 19:47:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 04:47:36 +0200 Subject: [SEC] [SA44785] Kentico CMS "userContextMenu_parameter" Cross-Site Scripting Vulnerability Message-ID: <201106020247.p522laB6013705@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Kentico CMS "userContextMenu_parameter" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44785 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44785/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44785 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44785/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44785/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44785 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krstic has discovered a vulnerability in Kentico CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "userContextMenu_parameter" POST parameter to examples/webparts/membership/users-viewer.aspx is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 5.5R2. Other versions may also be affected. SOLUTION: Install hotfix 5.5R2.24 Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Lab ORIGINAL ADVISORY: ZSL-2011-5015: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5015.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 20:12:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 05:12:23 +0200 Subject: [SEC] [SA44606] Red Hat update for gimp Message-ID: <201106020312.p523CNaQ002581@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Red Hat update for gimp SECUNIA ADVISORY ID: SA44606 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44606/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44606 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44606/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44606/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44606 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA37232 SA37348 SA42771 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0837-1: http://rhn.redhat.com/errata/RHSA-2011-0837.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 20:47:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 05:47:22 +0200 Subject: [SEC] [SA44791] Red Hat update for gimp Message-ID: <201106020347.p523lM1Q024387@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Red Hat update for gimp SECUNIA ADVISORY ID: SA44791 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44791/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44791 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44791/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44791/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44791 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA37232 SA37348 SA42771 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0838-1: https://rhn.redhat.com/errata/RHSA-2011-0838.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 21:12:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 06:12:37 +0200 Subject: [SEC] [SA44794] vBulletin YUI Component Library Unspecified Vulnerability Message-ID: <201106020412.p524Cbr0013322@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: vBulletin YUI Component Library Unspecified Vulnerability SECUNIA ADVISORY ID: SA44794 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44794/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44794 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44794/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44794/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44794 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with an unknown impact has been reported in vBulletin Publishing Suite and vBulletin Forum Classic. The vulnerability is caused due to an unspecified error related to the YUI component library. No further information is currently available. The vulnerability is reported in vBulletin Publishing Suite versions prior to 4.1.3 PL1 and vBulletin Forum Classic versions prior to 3.8.7 PL1 and 4.1.3 PL1. SOLUTION: Update to vBulletin Publishing Suite version 4.1.3 PL1 or vBulletin Forum Classic version 3.8.7 PL1 or 4.1.3 PL1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.vbulletin.com/forum/showthread.php/380885-vBulletin-Security-Patch-for-4.X-and-3.X OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 21:47:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 06:47:38 +0200 Subject: [SEC] [SA44711] Libxml2 XPath Nodeset Processing Vulnerability Message-ID: <201106020447.p524lc8K002641@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Libxml2 XPath Nodeset Processing Vulnerability SECUNIA ADVISORY ID: SA44711 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44711/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44711 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44711/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44711/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44711 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Chris Evans has reported a vulnerability in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. The vulnerability is caused due to an error when reallocating memory in xpath.c during the processing of a XPath nodeset. This can be exploited to cause a heap-based buffer overflow via a specially crafted XPath expression. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 2.7.8. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Chris Evans ORIGINAL ADVISORY: http://scarybeastsecurity.blogspot.com/2011/05/libxml-vulnerability-and-interesting.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 1 22:12:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 07:12:26 +0200 Subject: [SEC] [SA44465] Wyse ThinOS Denial of Service Vulnerability Message-ID: <201106020512.p525CQla023979@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Wyse ThinOS Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44465 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44465/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44465 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44465/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44465/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44465 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Georg Fritsch has reported a vulnerability in Wyse ThinOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing certain network packets, which can be exploited to cause a device to crash by sending specially crafted network packets. The vulnerability is reported in version 7.0.1. Other versions may also be affected. SOLUTION: Update to version 7.0_217. PROVIDED AND/OR DISCOVERED BY: Georg Fritsch, Fritsch, Chiari & Partner ZT GmbH OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 10:33:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 19:33:19 +0200 Subject: [SEC] [SA44633] Debian update for subversion Message-ID: <201106021733.p52HXJbq012671@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for subversion SECUNIA ADVISORY ID: SA44633 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44633/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44633 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44633/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44633/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44633 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for subversion. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44681 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2251-1 : http://lists.debian.org/debian-security-announce/2011/msg00121.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 11:47:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 20:47:59 +0200 Subject: [SEC] [SA44815] Fedora update for php-ZendFramework Message-ID: <201106021847.p52Ilx1o010529@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for php-ZendFramework SECUNIA ADVISORY ID: SA44815 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44815/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44815 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44815/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44815/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44815 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for php-ZendFramework. This fixes a weakness, which can be exploited by malicious people to bypass certain security features. For more information: SA44615 SOLUTION: Apply updated packages via the yum utility ("yum update php-ZendFramework"). ORIGINAL ADVISORY: FEDORA-2011-7409: http://lists.fedoraproject.com/pipermail/package-announce/2011-June/061004.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 12:33:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 21:33:44 +0200 Subject: [SEC] [SA44775] Plone Multiple Vulnerabilities Message-ID: <201106021933.p52JXiBP020393@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Plone Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44775 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44775/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44775 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44775/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44775/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44775 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Plone, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting and script insertion attacks 1) Certain input passed to the application is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain input passed via a markup to Portal.PortalTransforms is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 3) An error in plone.app.users does not properly check for authorisation and can be exploited to edit properties of other users. NOTE: This vulnerability is reportedly being exploited in the wild. SOLUTION: Apply hotfix 20110531. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits S. Streichsbier, SEC Consult. 2) The vendor credits Daniel Berlin and Dan Bentley, Google and Brian Peters. 3) Reported by the vendor. ORIGINAL ADVISORY: Plone: http://plone.org/products/plone/security/advisories/CVE-2011-1948 http://plone.org/products/plone/security/advisories/CVE-2011-1949 http://plone.org/products/plone/security/advisories/CVE-2011-1950 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 13:32:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 22:32:25 +0200 Subject: [SEC] [SA44681] Apache Subversion mod_dav_svn Two Denial of Service Vulnerabilities Message-ID: <201106022032.p52KWPSM010814@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Apache Subversion mod_dav_svn Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA44681 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44681/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44681 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44681/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44681/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44681 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Apache Subversion, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) A NULL pointer dereference error in the mod_dav_svn module when processing baselined resource requests can be exploited to cause a crash. This vulnerability is reported in versions 1.6.16 and prior. 2) An error within the mod_dav_svn module when handling certain path-based access control rules can be exploited to trigger an infinite loop and exhaust memory. This vulnerability is reported in versions 1.5.0 through 1.6.16. NOTE: A weakness in the handling of path-based access control rules, which could result in certain unreadable files and directories becoming readable has also been reported. SOLUTION: Update to version 1.6.17. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor 2) The vendor credits Ivan Zhakov, VisualSVN. ORIGINAL ADVISORY: http://subversion.apache.org/security/CVE-2011-1752-advisory.txt http://subversion.apache.org/security/CVE-2011-1783-advisory.txt http://subversion.apache.org/security/CVE-2011-1921-advisory.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 14:26:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 23:26:29 +0200 Subject: [SEC] [SA44632] Icinga "expand" Cross-Site Scripting Vulnerability Message-ID: <201106022126.p52LQTxx000976@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Icinga "expand" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44632 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44632/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44632 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44632/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44632/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44632 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered a vulnerability in Icinga, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "expand" parameter to cgi-bin/config.cgi (when "type" is set to "command") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.4.0. Other versions may also be affected. SOLUTION: Fixed in the CVS repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: Icinga: https://dev.icinga.org/issues/1605 Stefan Schurtz: http://www.rul3z.de/advisories/SSCHADV2011-005.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 14:47:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 2 Jun 2011 23:47:44 +0200 Subject: [SEC] [SA44721] Rosewill RXS-3211 IP Camera Password Disclosure Vulnerability Message-ID: <201106022147.p52Llim5022174@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Rosewill RXS-3211 IP Camera Password Disclosure Vulnerability SECUNIA ADVISORY ID: SA44721 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44721/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44721 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44721/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44721/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44721 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Rosewill RXS-3211 IP Camera, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an improper authentication mechanism, which sends credentials to the client side for authentication and can be exploited to disclose e.g. the administrative password. SOLUTION: Restrict access to the device to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Ben Schmidt ORIGINAL ADVISORY: http://spareclockcycles.org/exploiting-an-ip-camera-contol-protocol OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 15:12:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 00:12:08 +0200 Subject: [SEC] [SA44743] Belkin Wireless G Router Password MD5 Hash Disclosure Weakness Message-ID: <201106022212.p52MC8R1011076@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Belkin Wireless G Router Password MD5 Hash Disclosure Weakness SECUNIA ADVISORY ID: SA44743 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44743/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44743 RELEASE DATE: 2011-06-02 DISCUSS ADVISORY: http://secunia.com/advisories/44743/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44743/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44743 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Belkin Wireless G Router, which can be exploited by malicious people to disclose sensitive information. The weakness is caused due to the login.stm script disclosing the MD5 hash of the administrative password. The weakness is reported in all firmware versions of F5D7234v5. SOLUTION: Restrict network access to the device to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Aodrulez OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 15:47:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 00:47:27 +0200 Subject: [SEC] [SA44771] Ubuntu update for dovecot Message-ID: <201106022247.p52MlR3G000385@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for dovecot SECUNIA ADVISORY ID: SA44771 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44771/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44771 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44771/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44771/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44771 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44683 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1143-1: http://www.ubuntu.com/usn/usn-1143-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 16:13:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 01:13:01 +0200 Subject: [SEC] [SA44812] Cisco AnyConnect VPN Client Two Vulnerabilities Message-ID: <201106022313.p52ND1PO021794@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Cisco AnyConnect VPN Client Two Vulnerabilities SECUNIA ADVISORY ID: SA44812 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44812/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44812 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44812/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44812/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44812 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cisco AnyConnect VPN Client, which can be exploited by malicious people with physical access to bypass certain security restrictions and by malicious people to compromise a user's system. 1) An error in the graphical user interface when displayed on the Windows logon screen can be exploited to perform certain actions with the privileges of the LocalSystem account. Successful exploitation of this vulnerability requires the Start Before Logon (SBL) feature to be enabled. 2) An error in the helper application used for remote deployment of the client (e.g. "Cisco.AnyConnect.VPNWeb.1" ActiveX control) due to insufficient authenticity validation of downloaded executables can be exploited to download and execute an arbitrary program. Please see the vendor's advisory for a list of affected versions and platforms. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) Reported to the vendor by a customer. 2) The vendor credits Elazar Broad via iDefense. ORIGINAL ADVISORY: Cisco (cisco-sa-20110601-ac): http://www.cisco.com/warp/public/707/cisco-sa-20110601-ac.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 16:47:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 01:47:09 +0200 Subject: [SEC] [SA44776] Plone Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201106022347.p52Nl9K0011119@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Plone Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA44776 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44776/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44776 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44776/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44776/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44776 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Plone, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. For more information see vulnerabilities #1 and #2 in: SA44775 SOLUTION: Apply hotfix 20110531. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: Plone: http://plone.org/products/plone/security/advisories/CVE-2011-1948 http://plone.org/products/plone/security/advisories/CVE-2011-1949 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 17:16:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 02:16:15 +0200 Subject: [SEC] [SA44814] Cisco Unified IP Phone Privilege Escalation and Security Bypass Message-ID: <201106030016.p530GFpZ032613@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Cisco Unified IP Phone Privilege Escalation and Security Bypass SECUNIA ADVISORY ID: SA44814 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44814/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44814 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44814/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44814/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44814 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some security issues have been reported in Cisco Unified IP Phone models, which can be exploited by malicious, local users to bypass certain security restrictions and perform certain actions with escalated privileges. 1) An error within the "su" utility can be exploited to change the phone configuration or gain potentially sensitive information. 2) An unspecified error can be exploited to change the phone configuration or gain potentially sensitive information. 3) An error in the device does not properly verify the signature of the software image before loading the image and can be exploited to upload an arbitrary software image. The security issues are reported in the following products: * Cisco Unified IP Phone 7975G * Cisco Unified IP Phone 7971G-GE * Cisco Unified IP Phone 7970G * Cisco Unified IP Phone 7965G * Cisco Unified IP Phone 7962G * Cisco Unified IP Phone 7961G * Cisco Unified IP Phone 7961G-GE * Cisco Unified IP Phone 7945G * Cisco Unified IP Phone 7942G * Cisco Unified IP Phone 7941G * Cisco Unified IP Phone 7941G-GE * Cisco Unified IP Phone 7931G * Cisco Unified IP Phone 7911G * Cisco Unified IP Phone 7906 SOLUTION: Apply patches (please see the vendor's advisory for more information). PROVIDED AND/OR DISCOVERED BY: The vendor credits Matt Duggan, Qualcomm. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110601-phone.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 17:46:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 02:46:52 +0200 Subject: [SEC] [SA44801] Red Hat update for kernel Message-ID: <201106030046.p530kqP4021783@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA44801 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44801/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44801 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44801/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44801/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44801 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service). For more information: SA41002 SA44164 SA44220 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0836-01: https://rhn.redhat.com/errata/RHSA-2011-0836.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 18:26:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 03:26:11 +0200 Subject: [SEC] [SA44702] Lumension Endpoint Security Products SXS Server Denial of Service Vulnerability Message-ID: <201106030126.p531QBTF011346@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Lumension Endpoint Security Products SXS Server Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44702 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44702/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44702 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44702/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44702/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44702 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Lumension Endpoint Security products, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unhandled exception within the SXS server when processing certain packets. This can be exploited to crash the server and e.g. deny service to the management server via a specially crafted request. The vulnerability is reported in versions prior to 4.4 SR7. SOLUTION: Update to version 4.4 SR7. PROVIDED AND/OR DISCOVERED BY: Andy Davis, NGS Secure. ORIGINAL ADVISORY: Lumension: http://support.lumension.com/scripts/rightnow.cfg/php.exe/enduser/std_adp.php?p_faqid=779 NGS Secure: http://archives.neohapsis.com/archives/bugtraq/2011-05/0153.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 18:51:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 03:51:43 +0200 Subject: [SEC] [SA44770] Serendipity Freetag Plugin Cross-Site Scripting Vulnerability Message-ID: <201106030151.p531phTk032671@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Serendipity Freetag Plugin Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44770 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44770/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44770 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44770/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44770/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44770 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has reported a vulnerability in the Freetag plugin for Serendipity, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to index.php?/plugin/tag/ is not properly sanitised in plugins/serendipity_event_freetag/serendipity_event_freetag.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 3.20 and 3.21. SOLUTION: Update to version 3.22. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: Serendipity: http://blog.s9y.org/archives/231-serendipity_event_freetag-Plugin-update,-XSS-bug.html Stefan Schurtz: http://www.rul3z.de/advisories/SSCHADV2011-004.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 19:19:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 04:19:02 +0200 Subject: [SEC] [SA44802] Red Hat update for systemtap Message-ID: <201106030219.p532J2sS022172@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for systemtap SECUNIA ADVISORY ID: SA44802 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44802/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44802 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44802/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44802/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44802 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for systemtap. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA44608 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0842-1: https://rhn.redhat.com/errata/RHSA-2011-0842.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 19:47:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 04:47:10 +0200 Subject: [SEC] [SA44778] SUSE update for Xen Message-ID: <201106030247.p532lAGI011230@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for Xen SECUNIA ADVISORY ID: SA44778 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44778/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44778 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44778/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44778/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44778 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for Xen. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and to gain escalated privileges and by malicious people to bypass certain security restrictions and to cause a DoS (Denial of Service). For more information: SA43670 SA43802 SA44502 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0579-1: https://hermes.opensuse.org/messages/8639800 openSUSE-SU-2011:0578-1: https://hermes.opensuse.org/messages/8639149 openSUSE-SU-2011:0580-1: https://hermes.opensuse.org/messages/8639811 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 20:12:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 05:12:16 +0200 Subject: [SEC] [SA44782] Red Hat update for systemtap Message-ID: <201106030312.p533CGPx032554@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for systemtap SECUNIA ADVISORY ID: SA44782 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44782/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44782 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44782/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44782/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44782 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for systemtap. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA44608 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0841-01: https://rhn.redhat.com/errata/RHSA-2011-0841.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 20:47:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 05:47:05 +0200 Subject: [SEC] [SA44780] Red Hat update for apr Message-ID: <201106030347.p533l5rV021909@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for apr SECUNIA ADVISORY ID: SA44780 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44780/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44780 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44780/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44780/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44780 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for apr. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44558 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0844-1: https://rhn.redhat.com/errata/RHSA-2011-0844.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 21:12:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 06:12:32 +0200 Subject: [SEC] [SA44783] Red Hat update for bind and bind97 Message-ID: <201106030412.p534CWhM010841@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for bind and bind97 SECUNIA ADVISORY ID: SA44783 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44783/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44783 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44783/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44783/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44783 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for bind and bind97. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44719 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0845-1: https://rhn.redhat.com/errata/RHSA-2011-0845.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 21:47:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 06:47:08 +0200 Subject: [SEC] [SA44803] SUSE update for SUSE Manager Message-ID: <201106030447.p534l8qA032576@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for SUSE Manager SECUNIA ADVISORY ID: SA44803 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44803/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44803 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44803/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44803/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44803 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for SUSE Manager for SLES 11. This fixes two vulnerabilities, which can be exploited by malicious users to bypass certain security features and by malicious people to disclose potentially sensitive information. For more information: SA44150 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0577-1: https://hermes.opensuse.org/messages/8639128 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 2 22:14:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 07:14:18 +0200 Subject: [SEC] [SA44773] Debian update for rails Message-ID: <201106030514.p535EI21021595@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for rails SECUNIA ADVISORY ID: SA44773 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44773/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44773 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44773/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44773/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44773 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for rails. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. For more information: SA43274 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2247-1: http://www.debian.org/security/2011/dsa-2247 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 10:32:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 19:32:59 +0200 Subject: [SEC] [SA44754] Linux Kernel KSM Denial of Service Vulnerability Message-ID: <201106031732.p53HWxuh010175@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Linux Kernel KSM Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44754 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44754/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44754 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44754/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44754/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44754 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to a race condition within the "scan_get_next_rmap_item()" function in mm/ksm.c and can be exploited to cause a kernel crash. The vulnerability is reported in version 2.6.39. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Andrea Righi ORIGINAL ADVISORY: https://lkml.org/lkml/2011/6/1/742 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 11:32:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 20:32:51 +0200 Subject: [SEC] [SA44769] Hitachi Command Suite Products Java Double Literal Denial of Service Vulnerability Message-ID: <201106031832.p53IWpTJ000593@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Hitachi Command Suite Products Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44769 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44769/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44769 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44769/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44769/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44769 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has acknowledged a vulnerability in Hitachi Command Suite products, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA43262 Please see the vendor's advisory for the list of affected versions. SOLUTION: Update to a fixed version. Please see the vendor's advisory for more details. ORIGINAL ADVISORY: Hitachi (HS11-010): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-010/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 12:33:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 21:33:28 +0200 Subject: [SEC] [SA44732] Iskratel SI2000 Callisto 821 Cross-Site Request Forgery Vulnerability Message-ID: <201106031933.p53JXS1j023555@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Iskratel SI2000 Callisto 821 Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44732 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44732/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44732 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44732/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44732/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44732 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: MustLive has reported a vulnerability in Iskratel SI2000 Callisto 821, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrator's password and conduct script insertion attacks by tricking a logged in administrative user into visiting a malicious web site. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: MustLive ORIGINAL ADVISORY: http://websecurity.com.ua/5179/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 13:32:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 22:32:21 +0200 Subject: [SEC] [SA44729] Ushahidi "range" SQL Injection Vulnerability Message-ID: <201106032032.p53KWLoe013989@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ushahidi "range" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44729 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44729/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44729 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44729/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44729/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44729 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krstic has discovered a vulnerability in Ushahidi, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "range" parameter to index.php/admin/dashboard is not properly sanitised in application/controllers/admin/dashboard.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 2.0.1. Prior versions may also be affected. SOLUTION: Update to version 2.0.2. PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Lab ORIGINAL ADVISORY: Ushahidi: http://dev.ushahidi.com/issues/show/2195 ZSL-2011-5016: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5016.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 14:27:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 23:27:22 +0200 Subject: [SEC] [SA44786] Hitachi IT Operations Analyzer and Director Java Double Literal Denial of Service Vulnerability Message-ID: <201106032127.p53LRM4I004226@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Hitachi IT Operations Analyzer and Director Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44786 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44786/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44786 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44786/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44786/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44786 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has acknowledged a vulnerability in Hitachi IT Operations Analyzer and Director, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1 in: SA43262 Please see the vendor's advisory for the list of affected versions. SOLUTION: Update to a fixed version. Please see the vendor's advisory for more details. ORIGINAL ADVISORY: Hitachi (HS11-009): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-009/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 14:47:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 3 Jun 2011 23:47:46 +0200 Subject: [SEC] [SA44813] SRWare Iron Multiple Vulnerabilities Message-ID: <201106032147.p53LlkjT025340@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SRWare Iron Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44813 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44813/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44813 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44813/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44813/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44813 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in SRWare Iron, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA44678 SOLUTION: Update to version 11.0.700.3 ORIGINAL ADVISORY: http://www.srware.net/forum/viewtopic.php?f=18&t=2391 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 15:12:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 00:12:46 +0200 Subject: [SEC] [SA44839] VMware ESX Server Console Kernel Multiple Vulnerabilities Message-ID: <201106032212.p53MCkcI014268@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: VMware ESX Server Console Kernel Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44839 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44839/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44839 RELEASE DATE: 2011-06-03 DISCUSS ADVISORY: http://secunia.com/advisories/44839/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44839/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44839 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and some vulnerabilities have been reported in VMware ESX Server, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS. For more information: SA37435 SA40965 SA44837 SOLUTION: Apply patches if available. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: VMSA-2011-0009: http://lists.vmware.com/pipermail/security-announce/2011/000141.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 15:47:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 00:47:28 +0200 Subject: [SEC] [SA44838] VMware ESX Server / ESXi e1000 Driver Packet Filter Bypass Security Issue Message-ID: <201106032247.p53MlSmv003590@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: VMware ESX Server / ESXi e1000 Driver Packet Filter Bypass Security Issue SECUNIA ADVISORY ID: SA44838 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44838/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44838 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44838/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44838/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44838 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in VMware ESX Server / ESXi, which can be exploited by malicious people to bypass certain security features. The security issue is caused due to an error within the third party e1000 driver. For more information: SA44837 SOLUTION: Apply patches if available. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: VMSA-2011-0009: http://lists.vmware.com/pipermail/security-announce/2011/000141.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 16:13:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 01:13:04 +0200 Subject: [SEC] [SA44840] VMware Products "mount.vmhgfs" Multiple Security Issues Message-ID: <201106032313.p53ND4ZI024942@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: VMware Products "mount.vmhgfs" Multiple Security Issues SECUNIA ADVISORY ID: SA44840 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44840/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44840 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44840/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44840/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44840 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some security issues have been reported in various VMware products, which can be exploited by malicious, local users in a guest virtual machine to disclose system information and gain escalated privileges. 1) An error within the mount.vmhgfs utility can be exploited to determine whether or not a certain file or directory exists on the host system. 2) A race condition within the mount.vmhgfs utility can be exploited to mount arbitrary directories and e.g. gain escalated privileges. 3) An error within the mount.vmhgfs utility allows write access to arbitrary files and can be exploited to gain escalated privileges. Note: The security issues do not affect Windows-based guest systems. Security issue #3 only affects Solaris and FreeBSD guest systems. SOLUTION: Update to a fixed version or apply patches. Install updated VMware Guest Tools. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Dan Rosenberg. ORIGINAL ADVISORY: VMSA-2011-0009: http://lists.vmware.com/pipermail/security-announce/2011/000141.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 16:48:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 01:48:05 +0200 Subject: [SEC] [SA44834] HP-UX update for JRE / JDK Message-ID: <201106032348.p53Nm5uG014307@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: HP-UX update for JRE / JDK SECUNIA ADVISORY ID: SA44834 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44834/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44834 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44834/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44834/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44834 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP-UX has issued an update for JRE / JDK. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA43262 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: HPSBUX02685 SSRT100505: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02775276 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 17:15:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 02:15:16 +0200 Subject: [SEC] [SA44837] VMware ESX Server / ESXi e1000 Driver Packet Filter Bypass Security Issue Message-ID: <201106040015.p540FGjq003298@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: VMware ESX Server / ESXi e1000 Driver Packet Filter Bypass Security Issue SECUNIA ADVISORY ID: SA44837 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44837/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44837 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44837/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44837/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44837 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in VMware ESX Server / ESXi, which can be exploited by malicious people to bypass certain security features. The security issue is caused due to an error within the third party e1000 driver, which can be exploited to e.g. bypass packet filters. SOLUTION: Patches are currently pending. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: VMSA-2011-0009: http://lists.vmware.com/pipermail/security-announce/2011/000141.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 17:47:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 02:47:58 +0200 Subject: [SEC] [SA44827] Debian update for dovecot Message-ID: <201106040047.p540lwqA024966@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for dovecot SECUNIA ADVISORY ID: SA44827 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44827/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44827 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44827/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44827/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44827 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44683 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2252-1: http://lists.debian.org/debian-security-announce/2011/msg00122.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 18:14:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 03:14:20 +0200 Subject: [SEC] [SA44821] Cherokee Admin Cross-Site Request Forgery Vulnerability Message-ID: <201106040114.p541EK4c013946@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Cherokee Admin Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44821 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44821/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44821 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44821/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44821/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44821 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: dave b has discovered a vulnerability in Cherokee, which can be exploited by malicious people to conduct cross-site request forgery attacks. The cherokee-admin web interface application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. reconfigure error logging and execute an arbitrary command if a logged-in administrative user visits a malicious web site. The vulnerability is confirmed in version 1.2.98. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: dave b ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0574.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 18:47:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 03:47:34 +0200 Subject: [SEC] [SA44826] VMware Products VI Client ActiveX Control Memory Corruption Vulnerability Message-ID: <201106040147.p541lYm2003202@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: VMware Products VI Client ActiveX Control Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA44826 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44826/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44826 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44826/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44826/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44826 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in various VMware products, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error within the VI Client ActiveX controls, which can be exploited to cause a memory corruption by e.g. tricking a user into visiting a malicious website. Successful exploitation may allow the execution of arbitrary code. SOLUTION: Replace the affected VI Client with the VI Client bundled with VirtualCenter 2.5 Update 6 or VirtualCenter 2.5 Update 6a. Also fixed in the VI Client version 2.0.2 Build 230598 and higher and version 2.5 Build 204931 and higher bundled with VMware Infrastructure 3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Elazar Broad via iDefense. ORIGINAL ADVISORY: VMSA-2011-0009: http://lists.vmware.com/pipermail/security-announce/2011/000141.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 19:20:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 04:20:02 +0200 Subject: [SEC] [SA44828] Asterisk SIP Channel Driver "parse_uri_full()" Denial of Service Message-ID: <201106040220.p542K2VM025348@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Asterisk SIP Channel Driver "parse_uri_full()" Denial of Service SECUNIA ADVISORY ID: SA44828 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44828/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44828 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44828/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44828/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44828 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Asterisk, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error within the "parse_uri_full()" function in channels/sip/reqresp_parser.c and can be exploited to cause a crash by sending a specially crafted contact header. The vulnerability is reported in versions 1.8.x prior to 1.8.4.2. SOLUTION: Update to version 1.8.4.2 or apply patch. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: AST-2011-007: http://downloads.asterisk.org/pub/security/AST-2011-007.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 19:47:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 04:47:20 +0200 Subject: [SEC] [SA44781] Red Hat update for postfix Message-ID: <201106040247.p542lK7G014357@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for postfix SECUNIA ADVISORY ID: SA44781 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44781/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44781 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44781/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44781/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44781 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA44500 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0843-1: https://rhn.redhat.com/errata/RHSA-2011-0843.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 20:12:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 05:12:37 +0200 Subject: [SEC] [SA44750] Red Hat update for gimp Message-ID: <201106040312.p543Cb39003266@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for gimp SECUNIA ADVISORY ID: SA44750 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44750/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44750 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44750/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44750/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44750 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA42771 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0839-1: https://rhn.redhat.com/errata/RHSA-2011-0839.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 3 20:48:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 4 Jun 2011 05:48:17 +0200 Subject: [SEC] [SA44449] Wireshark Multiple Denial of Service Vulnerabilities Message-ID: <201106040348.p543mHgx025072@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Wireshark Multiple Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA44449 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44449/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44449 RELEASE DATE: 2011-06-04 DISCUSS ADVISORY: http://secunia.com/advisories/44449/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44449/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44449 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error in the DICOM dissector can be exploited to cause an infinite loop when processing certain malformed packets. 2) An error when processing a Diameter dictionary file can be exploited to cause the process to crash. 3) An error when processing a snoop file can be exploited to cause the process to crash. 4) An error when processing compressed capture data can be exploited to cause the process to crash. 5) An error when processing a Visual Networks file can be exploited to cause the process to crash. 6) An error in the "desegment_tcp()" function (epan/dissectors/packet-tcp.c) when handling certain TCP segments can be exploited to dereference a NULL pointer and crash the process. This vulnerability is reported in version 1.4.5 only. The vulnerabilities #1 through #5 are reported in versions 1.2.0 through 1.2.16 and 1.4.0 through 1.4.6. SOLUTION: Update to version 1.2.17 or 1.4.7. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 6) Reported by rouli in a bug report. The vendor also credits: 2, 3, 5) Huzaifa Sidhpurwala, Red Hat Security Response Team. 4) David Maciejak, Fortinet's FortiGuard Labs. ORIGINAL ADVISORY: http://www.wireshark.org/security/wnpa-sec-2011-07.html http://www.wireshark.org/security/wnpa-sec-2011-08.html https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=5837 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 10:32:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Jun 2011 19:32:04 +0200 Subject: [SEC] [SA44854] TeleData Contact Management Server Directory Traversal Vulnerability Message-ID: <201106061732.p56HW49p016660@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: TeleData Contact Management Server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44854 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44854/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44854 RELEASE DATE: 2011-06-06 DISCUSS ADVISORY: http://secunia.com/advisories/44854/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44854/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44854 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in TeleData Contact Management Server, which can be exploited by malicious people to disclose sensitive information. Input passed to the URL is not properly verified. This can be exploited to disclose arbitrary files from local resources via directory traversal attacks. The vulnerability is confirmed in version 1.1. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/Tele-Data-Contact-Management-Server-Directory-Traversal-231 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 11:32:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Jun 2011 20:32:04 +0200 Subject: [SEC] [SA44856] Storecalc Simple web-server Directory Traversal Vulnerability Message-ID: <201106061832.p56IW4qA007143@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Storecalc Simple web-server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44856 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44856/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44856 RELEASE DATE: 2011-06-06 DISCUSS ADVISORY: http://secunia.com/advisories/44856/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44856/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44856 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Storecalc Simple web-server, which can be exploited by malicious people to disclose sensitive information. Input passed to the URL is not properly verified. This can be exploited to disclose arbitrary files from local resources via directory traversal attacks. The vulnerability is confirmed in version 1.2. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/Simple-web-server-1.2-Directory-Traversal-232 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 12:31:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Jun 2011 21:31:22 +0200 Subject: [SEC] [SA44855] Nakid CMS "CKEditorFuncNum" Cross-Site Scripting Vulnerability Message-ID: <201106061931.p56JVMQg029983@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Nakid CMS "CKEditorFuncNum" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44855 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44855/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44855 RELEASE DATE: 2011-06-06 DISCUSS ADVISORY: http://secunia.com/advisories/44855/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44855/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44855 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Nakid CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "CKEditorFuncNum" parameter to assets/addons/kcfinder/browse.php is not properly sanitised in assets/addons/kcfinder/core/uploader.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.0.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/Nakid-CMS-1.0.2-Reflected-Cross-site-Scripting-230 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 13:33:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Jun 2011 22:33:32 +0200 Subject: [SEC] [SA44830] vBulletin "url" Redirection Weakness Message-ID: <201106062033.p56KXWSs020573@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: vBulletin "url" Redirection Weakness SECUNIA ADVISORY ID: SA44830 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44830/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44830 RELEASE DATE: 2011-06-06 DISCUSS ADVISORY: http://secunia.com/advisories/44830/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44830/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44830 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in vBulletin, which can be exploited by malicious people to conduct spoofing attacks. Input passed via the "url" parameter to login.php (when "do" is set to "lostpw") is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: The vendor credits Robert Gilbert, HALOCK Security Labs. ORIGINAL ADVISORY: http://www.vbulletin.com/forum/showthread.php/381014-Potential-Phishing-Vector?p=2166441 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 14:26:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Jun 2011 23:26:13 +0200 Subject: [SEC] [SA44703] WebSVN Shell Command Injection Vulnerability Message-ID: <201106062126.p56LQDaB010717@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: WebSVN Shell Command Injection Vulnerability SECUNIA ADVISORY ID: SA44703 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44703/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44703 RELEASE DATE: 2011-06-06 DISCUSS ADVISORY: http://secunia.com/advisories/44703/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44703/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44703 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: rgod has discovered a vulnerability in WebSVN, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "path" parameter to dl.php is not properly sanitised in include/command.php before being used as a command line argument and can be exploited to inject arbitrary shell commands. Successful exploitation requires the "$config->allowDownload()" option to be enabled in include/config.php (disabled by default). The vulnerability is confirmed in version 2.3.2 running on Windows. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: rgod ORIGINAL ADVISORY: http://retrogod.altervista.org/rgod_websvn_adv.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 14:46:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 6 Jun 2011 23:46:38 +0200 Subject: [SEC] [SA44806] vBulletin vBExperience Module "sortorder" Cross-Site Scripting Vulnerability Message-ID: <201106062146.p56LkcBV031812@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: vBulletin vBExperience Module "sortorder" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44806 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44806/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44806 RELEASE DATE: 2011-06-06 DISCUSS ADVISORY: http://secunia.com/advisories/44806/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44806/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44806 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the vBExperience module for vBulletin, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "sortorder" parameter in xperience.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Mr.ThieF OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 15:11:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 00:11:35 +0200 Subject: [SEC] [SA44846] Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability Message-ID: <201106062211.p56MBZ5C020732@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Adobe Flash Player Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44846 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44846/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44846 RELEASE DATE: 2011-06-06 DISCUSS ADVISORY: http://secunia.com/advisories/44846/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44846/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44846 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in the following versions: * Adobe Flash Player versions 10.3.181.16 and prior for Windows, Macintosh, Linux, and Solaris. * Adobe Flash Player versions 10.3.185.22 and prior for Android. NOTE: The vulnerability is reportedly being actively exploited in targeted attacks. SOLUTION: Update to Flash Player version 10.3.181.22 (10.3.181.23 for ActiveX). Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. ORIGINAL ADVISORY: Adobe (APSB11-13): http://www.adobe.com/support/security/bulletins/apsb11-13.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 15:46:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 00:46:36 +0200 Subject: [SEC] [SA44860] Fedora update for drupal Message-ID: <201106062246.p56Mka9C010087@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for drupal SECUNIA ADVISORY ID: SA44860 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44860/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44860 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44860/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44860/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44860 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for drupal. This fixes two vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. For more information: SA44308 SOLUTION: Apply updated packages via the yum utility ("yum update drupal"). ORIGINAL ADVISORY: FEDORA-2011-7546: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061174.html FEDORA-2011-7578: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061178.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 16:11:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 01:11:44 +0200 Subject: [SEC] [SA44863] Kolab Server Multiple Vulnerabilities Message-ID: <201106062311.p56NBiJN031412@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Kolab Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44863 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44863/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44863 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44863/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44863/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44863 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Kolab Server, which can be exploited by malicious people to cause a DoS (Denial of Service), manipulate certain data, and potentially compromise a vulnerable system. For more information: SA43328 SA43646 SA44335 SA44414 SA44500 SOLUTION: Update to version 2.3.2. ORIGINAL ADVISORY: http://kolab.org/pipermail/kolab-announce/2011/000101.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 16:46:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 01:46:23 +0200 Subject: [SEC] [SA44864] Novell Data Synchronizer Mobility Pack Unspecified Security Bypass Vulnerability Message-ID: <201106062346.p56NkNix020754@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Novell Data Synchronizer Mobility Pack Unspecified Security Bypass Vulnerability SECUNIA ADVISORY ID: SA44864 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44864/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44864 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44864/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44864/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44864 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell Data Synchronizer, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to an unspecified error within the Mobility Pack and can be exploited to gain unauthorized access to other user accounts. The vulnerability is reported in Mobility Pack versions 1.1.2 and prior. SOLUTION: Update to Mobility Pack version 1.1.1 (343) or 1.1.2 (428). Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits iTEC Services. ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=7008690 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 17:14:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 02:14:34 +0200 Subject: [SEC] [SA44777] Fedora update for drupal7 Message-ID: <201106070014.p570EYBN009803@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for drupal7 SECUNIA ADVISORY ID: SA44777 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44777/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44777 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44777/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44777/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44777 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for drupal7. This fixes a vulnerability and a security issue, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions. For more information: SA44708 SOLUTION: Apply updated packages via the yum utility ("yum update drupal7"). ORIGINAL ADVISORY: FEDORA-2011-7588: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061190.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 17:46:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 02:46:21 +0200 Subject: [SEC] [SA44804] Debian update for fontforge Message-ID: <201106070046.p570kLj5031413@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for fontforge SECUNIA ADVISORY ID: SA44804 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44804/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44804 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44804/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44804/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44804 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for fontforge. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the processing of "CHARSET_REGISTRY" header in font files, which can be exploited to cause a stack-based buffer overflow when a user opens a specially crafted Bitmap Distribution Format (BDF) font file in the font editor. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply updated packages via the apt-get package manager. PROVIDED AND/OR DISCOVERED BY: Ulrik Persson ORIGINAL ADVISORY: DSA-2253-1: http://lists.debian.org/debian-security-announce/2011/msg00123.html Ulrik Persson: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=605537 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 18:11:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 03:11:36 +0200 Subject: [SEC] [SA44847] Google Chrome Flash Player Unspecified Cross-Site Scripting Vulnerability Message-ID: <201106070111.p571Badi020338@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Google Chrome Flash Player Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44847 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44847/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44847 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44847/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44847/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44847 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to conduct cross-site scripting attacks. The vulnerability is caused due to a vulnerability in the bundled version of Adobe Flash Player. For more information: SA44846 The vulnerability is reported in versions prior to 11.0.696.77. SOLUTION: Update to version 11.0.696.77. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day in Adobe Flash Player. ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2011/06/stable-channel-update.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 6 18:46:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 03:46:33 +0200 Subject: [SEC] [SA44861] Fedora update for apr Message-ID: <201106070146.p571kXrY009684@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for apr SECUNIA ADVISORY ID: SA44861 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44861/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44861 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44861/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44861/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44861 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for apr. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44490 SA44558 SOLUTION: Apply updated packages via the yum utility ("yum update apr"). ORIGINAL ADVISORY: FEDORA-2011-6918: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061177.html FEDORA-2011-7340: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061183.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 10:31:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 19:31:00 +0200 Subject: [SEC] [SA44737] Zhang Boyang FTP Server Denial of Service Vulnerability Message-ID: <201106071731.p57HV0xI008049@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Zhang Boyang FTP Server Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44737 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44737/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44737 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44737/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44737/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44737 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Zhang Boyang FTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due an error when processing the "CWD" command. This can be exploited to crash the application by sending a "CWD" command with an empty argument list. The vulnerability is reported in version 1.0. Other versions may also be affected. SOLUTION: Use the application within trusted networks only. PROVIDED AND/OR DISCOVERED BY: offsetIntruder ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17351/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 11:31:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 20:31:18 +0200 Subject: [SEC] [SA44825] KMPlayer MP3 File Processing Buffer Overflow Vulnerability Message-ID: <201106071831.p57IVIuE030935@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: KMPlayer MP3 File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44825 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44825/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44825 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44825/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44825/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44825 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in KMPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing MP3 files and can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code, but requires tricking a user into opening a malicious MP3 file. The vulnerability is confirmed in version 3.0.0.1440. Other versions may also be affected. SOLUTION: Do not open MP3 files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: dookie and ronin OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 12:31:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 21:31:22 +0200 Subject: [SEC] [SA43562] ACDSee Picture Frame Manager Insecure Library Loading Vulnerability Message-ID: <201106071931.p57JVMmC021416@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: ACDSee Picture Frame Manager Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA43562 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43562/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43562 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/43562/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43562/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43562 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a vulnerability in ACDSee Picture Frame Manager, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. ShellIntMgrPFMU.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a JPG file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 1.0 Build 81. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 13:31:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 22:31:01 +0200 Subject: [SEC] [SA44845] SUSE update for gimp Message-ID: <201106072031.p57KV1jC011893@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for gimp SECUNIA ADVISORY ID: SA44845 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44845/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44845 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44845/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44845/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44845 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for gimp. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA37348 SA42771 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0586-1: https://hermes.opensuse.org/messages/8688717 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 14:25:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 23:25:12 +0200 Subject: [SEC] [SA43564] ACDSee FotoSlate Insecure Library Loading Vulnerability Message-ID: <201106072125.p57LPCnN002049@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: ACDSee FotoSlate Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA43564 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43564/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43564 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/43564/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43564/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43564 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a vulnerability in ACDSee FotoSlate, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. dwmapi.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a FotoSlate Project (PLP) file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 4.0 Build 146. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 14:45:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 7 Jun 2011 23:45:56 +0200 Subject: [SEC] [SA43563] ACDSee Photo Editor 2008 Insecure Library Loading Vulnerability Message-ID: <201106072145.p57LjumJ023220@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: ACDSee Photo Editor 2008 Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA43563 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43563/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43563 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/43563/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43563/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43563 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Parvez Anwar has discovered a vulnerability in ACDSee Photo Editor 2008, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading libraries (e.g. Wintab32.dll and CV11-DialogEditor.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a ACDSee Photo document (APD) file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in build 291. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Parvez Anwar via Secunia OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 15:11:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 00:11:21 +0200 Subject: [SEC] [SA44849] Ubuntu update for subversion Message-ID: <201106072211.p57MBLdE012150@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for subversion SECUNIA ADVISORY ID: SA44849 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44849/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44849 RELEASE DATE: 2011-06-07 DISCUSS ADVISORY: http://secunia.com/advisories/44849/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44849/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44849 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for subversion. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44681 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1144-1: http://www.ubuntu.com/usn/usn-1144-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 15:46:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 00:46:04 +0200 Subject: [SEC] [SA44872] Red Hat update for flash-plugin Message-ID: <201106072246.p57Mk4l4001435@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA44872 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44872/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44872 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44872/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44872/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44872 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA44846 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0850-1: https://rhn.redhat.com/errata/RHSA-2011-0850.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 16:11:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 01:11:43 +0200 Subject: [SEC] [SA44867] Fedora update for mumble Message-ID: <201106072311.p57NBhne022844@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for mumble SECUNIA ADVISORY ID: SA44867 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44867/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44867 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44867/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44867/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44867 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mumble. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA40385 SOLUTION: Apply updated packages via the yum utility ("yum update mumble"). ORIGINAL ADVISORY: FEDORA-2011-7194: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061217.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 16:46:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 01:46:11 +0200 Subject: [SEC] [SA44865] Fedora update for unbound Message-ID: <201106072346.p57NkBCR012180@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for unbound SECUNIA ADVISORY ID: SA44865 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44865/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44865 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44865/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44865/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44865 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for unbound. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an assertion error when processing an empty UDP message while replying to certain DNS queries, which can be exploited to cause a crash. Successful exploitation requires that assertions are configured and the interface-automatic option is enabled. SOLUTION: Apply updated packages via the yum utility ("yum update unbound"). PROVIDED AND/OR DISCOVERED BY: The vendor credits Christopher Olah. ORIGINAL ADVISORY: FEDORA-2011-7555: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061243.html Unbound: http://unbound.nlnetlabs.nl/downloads/CVE-2011-1922.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 17:14:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 02:14:00 +0200 Subject: [SEC] [SA44868] Fedora update for gimp Message-ID: <201106080014.p580E0bF001157@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for gimp SECUNIA ADVISORY ID: SA44868 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44868/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44868 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44868/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44868/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44868 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for gimp. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA42771 SOLUTION: Apply updated packages via the yum utility ("yum update gimp"). ORIGINAL ADVISORY: FEDORA-2011-7393: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061212.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 17:45:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 02:45:47 +0200 Subject: [SEC] [SA44823] 1 Click UnZip ZIP File Processing Buffer Overflow Vulnerability Message-ID: <201106080045.p580jlgr022837@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: 1 Click UnZip ZIP File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44823 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44823/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44823 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44823/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44823/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44823 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in 1 Click UnZip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing ZIP files and can be exploited to cause a heap-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.0.0. Other versions may also be affected. SOLUTION: Do not open ZIP files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: C4SS!0 G0M3S ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17363 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 18:11:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 03:11:33 +0200 Subject: [SEC] [SA44817] Debian update for libxml2 Message-ID: <201106080111.p581BXHP011785@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for libxml2 SECUNIA ADVISORY ID: SA44817 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44817/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44817 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44817/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44817/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44817 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA44711 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2255-1: http://lists.debian.org/debian-security-announce/2011/msg00125.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 18:46:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 03:46:16 +0200 Subject: [SEC] [SA44862] Fedora update for tor Message-ID: <201106080146.p581kGEP001078@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for tor SECUNIA ADVISORY ID: SA44862 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44862/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44862 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44862/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44862/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44862 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for tor. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43548 SOLUTION: Apply updated packages via the yum utility ("yum update tor"). ORIGINAL ADVISORY: FEDORA-2011-7972: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061258.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 19:19:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 04:19:16 +0200 Subject: [SEC] [SA44833] Squiz Matrix Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201106080219.p582JGHj023280@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Squiz Matrix Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44833 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44833/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44833 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44833/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44833/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44833 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Patrick Webster has reported multiple vulnerabilities in Squiz Matrix, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "colour" and "pickerid" parameters in __lib/html_form/colour_picker.php, "prefix" parameter in __lib/tag_suggestion/tag_suggestion.php, "editor_name" parameter in __fudge/wysiwyg/plugins/spell_checker/spell_checker_popup.php, "new_window" parameter in __fudge/wysiwyg/plugins/matrix_insert_link/insert_link.php, and "title" and "dfn" parameters in __fudge/wysiwyg/plugins/misc_accessibility/insert_dfn.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 4.0.6 and 4.2.2. Prior versions may also be affected. SOLUTION: Update to version 4.0.7 or 4.2.3. PROVIDED AND/OR DISCOVERED BY: Patrick Webster, OSI Security. Additional information provided by Secunia Research. ORIGINAL ADVISORY: http://www.osisecurity.com.au/advisories/squiz-matrix-cross-site-scripting OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 19:46:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 04:46:03 +0200 Subject: [SEC] [SA44757] Black Box Veri-NAC Directory Traversal Vulnerability Message-ID: <201106080246.p582k3mY012277@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Black Box Veri-NAC Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44757 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44757/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44757 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44757/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44757/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44757 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Black Box Veri-NAC, which can be exploited by malicious people to disclose sensitive information. Certain input passed to the web interface via the URL is not properly verified before being used. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. NOTE: Additionally, a weakness exists due to the Active Directory credentials being stored in clear text. The vulnerability is reported in versions prior to 8.0.10. SOLUTION: Update to version 8.0.10. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: Mikael Simovits, Techworld. ORIGINAL ADVISORY: http://techworld.idg.se/2.2524/1.387616/blackbox-veri-nac---produkten-som-forstor-din-it-sakerhet/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 20:11:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 05:11:08 +0200 Subject: [SEC] [SA44790] Debian update for oprofile Message-ID: <201106080311.p583B85E001138@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for oprofile SECUNIA ADVISORY ID: SA44790 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44790/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44790 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44790/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44790/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44790 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for oprofile. This fixes a weakness, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The weakness is caused due an error within the "set_event()" function in the opcontrol script, which does not properly sanitize the event names before using then in an eval command and can be exploited to execute arbitrary shell commands. Successful exploitation requires that the opcontrol script is added to /etc/sudoers. SOLUTION: Apply updated packages via the apt-get package manager. PROVIDED AND/OR DISCOVERED BY: Reported by Stephane Chauveau in a Debian bug. ORIGINAL ADVISORY: DSA-2254-1: http://www.debian.org/security/2011/dsa-2254 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624212 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 20:46:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 05:46:07 +0200 Subject: [SEC] [SA44869] Fedora update for couchdb Message-ID: <201106080346.p583k7Nb022949@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for couchdb SECUNIA ADVISORY ID: SA44869 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44869/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44869 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44869/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44869/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44869 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for couchdb. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA43111 SOLUTION: Apply updated packages via the yum utility ("yum update couchdb"). ORIGINAL ADVISORY: FEDORA-2011-7232: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061210.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 21:11:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 06:11:47 +0200 Subject: [SEC] [SA44811] Novell iPrint Client Multiple Vulnerabilities Message-ID: <201106080411.p584BlIT011899@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Novell iPrint Client Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44811 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44811/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44811 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44811/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44811/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44811 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. 1) A boundary error in nipplib.dll when handling the "uri" parameter via "printer-url" can be exploited to cause a heap-based buffer overflow. 2) A boundary error in nipplib.dll when handling the "profile-time" parameter via "printer-url" can be exploited to cause a heap-based buffer overflow. 3) A boundary error in nipplib.dll when handling the "profile-name" parameter via "printer-url" can be exploited to cause a heap-based buffer overflow. 4) A boundary error in nipplib.dll when handling the "file-date-time" parameter via "printer-url" can be exploited to cause a heap-based buffer overflow. 5) A boundary error in nipplib.dll when handling the "driver-version" parameter via "printer-url" can be exploited to cause a heap-based buffer overflow. 6) A boundary error in nipplib.dll when handling the "core-package" parameter via "printer-url" can be exploited to cause a heap-based buffer overflow. 7) A boundary error in nipplib.dll when handling the "client-file-name" parameter via "printer-url" can be exploited to cause a heap-based buffer overflow. 8) A boundary error in nipplib.dll when handling the "iprint-client-config-info" parameter via "printer-url" can be exploited to cause a stack-based buffer overflow. 9) A boundary error in nipplib.dll when handling the "op-printer-list-all-jobs" parameter via "printer-url" can be exploited to cause a stack-based buffer overflow. 10) A boundary error in nipplib.dll when handling a cookie associated with the "op-printer-list-all-jobs" parameter via "printer-url" can be exploited to cause a stack-based buffer overflow. Successful exploitation of these vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 5.64. SOLUTION: Update to version 5.64. PROVIDED AND/OR DISCOVERED BY: Ivan Rodriguez Almuina, via ZDI ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=7008708 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-172/ http://www.zerodayinitiative.com/advisories/ZDI-11-173/ http://www.zerodayinitiative.com/advisories/ZDI-11-174/ http://www.zerodayinitiative.com/advisories/ZDI-11-175/ http://www.zerodayinitiative.com/advisories/ZDI-11-176/ http://www.zerodayinitiative.com/advisories/ZDI-11-177/ http://www.zerodayinitiative.com/advisories/ZDI-11-178/ http://www.zerodayinitiative.com/advisories/ZDI-11-179/ http://www.zerodayinitiative.com/advisories/ZDI-11-180/ http://www.zerodayinitiative.com/advisories/ZDI-11-181/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 21:45:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 06:45:46 +0200 Subject: [SEC] [SA44866] LuaExpat XML Processing Denial of Service Vulnerability Message-ID: <201106080445.p584jkeL001145@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: LuaExpat XML Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44866 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44866/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44866 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44866/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44866/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44866 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in LuaExpat, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library. The vulnerability is caused due to an error within the parsing of certain XML input and can be exploited to cause high CPU and memory consumption e.g. via heavily nested XML entities. The vulnerability is reported in versions prior to 1.2.0. SOLUTION: Update to version 1.2.0. PROVIDED AND/OR DISCOVERED BY: Reported in a Debian bug report. ORIGINAL ADVISORY: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=629225 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 7 22:11:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 07:11:07 +0200 Subject: [SEC] [SA44852] Prosody XML Processing Denial of Service Vulnerability Message-ID: <201106080511.p585B7AF022527@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Prosody XML Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44852 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44852/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44852 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44852/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44852/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44852 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Prosody, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the parsing of certain XML input and can be exploited to cause high CPU and memory consumption e.g. via heavily nested XML entities. The vulnerability is reported in versions prior to 0.8.1. SOLUTION: Update to version 0.8.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://blog.prosody.im/prosody-0-8-1-released/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 10:40:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 19:40:23 +0200 Subject: [SEC] [SA44820] Autonomy KeyView File Processing Vulnerabilities Message-ID: <201106081740.p58HeNpX011580@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Autonomy KeyView File Processing Vulnerabilities SECUNIA ADVISORY ID: SA44820 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44820/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44820 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44820/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44820/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44820 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Autonomy KeyView, which can be exploited by malicious people to compromise a vulnerable system. 1) An error when processing Windows Write (WRI) files can be exploited to cause a stack-based buffer overflow. 2) Some errors when processing unspecified file formats can be exploited to corrupt memory. No further information is currently available. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 10.13.1. SOLUTION: Update to version 10.13.1. PROVIDED AND/OR DISCOVERED BY: Will Dormann and Jared Allar, CERT/CC. ORIGINAL ADVISORY: US-CERT (VU#126159): http://www.kb.cert.org/vuls/id/126159 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 11:38:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 20:38:34 +0200 Subject: [SEC] [SA44831] Multi-Tech MultiModem iSMS Script Insertion Vulnerabilities Message-ID: <201106081838.p58IcYIh001912@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Multi-Tech MultiModem iSMS Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA44831 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44831/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44831 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44831/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44831/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44831 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Nathan Power has reported two vulnerabilities in Multi-Tech MultiModem iSMS, which can be exploited by malicious users and malicious people to conduct script insertion attacks. 1) Input passed via the username field to the login form is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when an administrator views the logs. 2) Input passed via SMS text messages is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when an administrator views the logs. SOLUTION: Reportedly fixed in version 1.47f. PROVIDED AND/OR DISCOVERED BY: Nathan Power ORIGINAL ADVISORY: http://www.foofus.net/?p=319 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 12:32:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 21:32:17 +0200 Subject: [SEC] [SA44816] IP POWER 9258 Appliances Authentication Bypass Vulnerability Message-ID: <201106081932.p58JWH9q024578@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: IP POWER 9258 Appliances Authentication Bypass Vulnerability SECUNIA ADVISORY ID: SA44816 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44816/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44816 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44816/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44816/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44816 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the IP POWER 9258 appliances, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to the application not properly restricting access to certain scripts, which can be exploited to e.g. turn off an attached device. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Crypt0s OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 13:33:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 22:33:32 +0200 Subject: [SEC] [SA44789] Ruby on Rails Safe Buffer Cross-Site Scripting Weakness Message-ID: <201106082033.p58KXW5Z015106@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ruby on Rails Safe Buffer Cross-Site Scripting Weakness SECUNIA ADVISORY ID: SA44789 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44789/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44789 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44789/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44789/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44789 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Ruby on Rails, which can be exploited by malicious people to conduct cross-site scripting or script insertion attacks. The weakness is caused due to certain methods (e.g. "link_to", "sub!") not properly honoring the "HTML safe" mark for strings, which can lead to e.g. improperly sanitised input being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The weakness is reported in versions 3.0.7 and 2.3.11. Other versions may also be affected. SOLUTION: Update to version 3.0.8 and 2.3.12 (with the rails_xss plugin). PROVIDED AND/OR DISCOVERED BY: The vendor credits Bruno Michel, LinuxFr.org and Brett Valantine. ORIGINAL ADVISORY: http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2e516e7acc96c4fb OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 14:26:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 23:26:53 +0200 Subject: [SEC] [SA44740] NetGear WNDAP350 Configuration Disclosure Security Issue Message-ID: <201106082126.p58LQr0V005286@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: NetGear WNDAP350 Configuration Disclosure Security Issue SECUNIA ADVISORY ID: SA44740 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44740/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44740 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44740/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44740/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44740 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Revelation Space has reported a security issue in NetGear ProSafe Wireless-N Access Point WNDAP350, which can be exploited by malicious people to disclose sensitive information. The security issue is caused due to the downloadFile.php and BackupConfig.php scripts not being properly restricted and can be exploited to disclose certain system configuration (e.g. administrative and WiFi credentials). The security issue is reported in versions 2.0.1 and 2.0.9. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Revelation Space ORIGINAL ADVISORY: https://revspace.nl/RevelationSpace/NewsItem11x05x30x0 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 14:47:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 8 Jun 2011 23:47:44 +0200 Subject: [SEC] [SA44832] Perl Data::FormValidator Module Validation Bypass Security Issue Message-ID: <201106082147.p58LlioP026419@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Perl Data::FormValidator Module Validation Bypass Security Issue SECUNIA ADVISORY ID: SA44832 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44832/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44832 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44832/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44832/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44832 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the Data::FormValidator module for Perl, which can be exploited by malicious people to disclose potentially sensitive information and bypass certain security restrictions. The security issue is caused due to an error within the form validation, which can be exploited to bypass the form validation and potentially leak results from a previous regular expression operation. The security issue is reported in version 4.66. Other versions may also be affected. SOLUTION: Add additional validation. PROVIDED AND/OR DISCOVERED BY: dst at heise.de ORIGINAL ADVISORY: https://rt.cpan.org/Public/Bug/Display.html?id=61792 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 15:12:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 00:12:24 +0200 Subject: [SEC] [SA44836] HP Service Manager and Service Center Multiple Vulnerabilities Message-ID: <201106082212.p58MCOCX015321@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: HP Service Manager and Service Center Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44836 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44836/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44836 RELEASE DATE: 2011-06-08 DISCUSS ADVISORY: http://secunia.com/advisories/44836/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44836/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44836 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in HP Service Manager and Service Center, which can be exploited by malicious, local users to gain access to potentially sensitive information, by malicious users to conduct script-insertion attacks and bypass certain security restrictions, and by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, hijack a user's session, and bypass certain security restrictions. 1) An unspecified error can be exploited by authenticated users to gain unauthorized access to certain data. 2) An unspecified permissions issue can be exploited by local users to gain access to certain information. 3) An unspecified error can be exploited to disclose certain privileged information. 4) An error due to session credentials being reused can be exploited to hijack a user's session. 5) An unspecified error can be exploited to gain unauthorized access. 6) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 7) Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in the following products: * HP Service Manager v9.21, v9.20, v7.11, and v7.02 running on AIX, HP-UX, Linux, Solaris and Windows. * HP Service Manager client v9.21, v9.20, v7.11, and v7.02 running on Windows. * HP Service Center client v6.2.8 running on Windows. * HP Service Center v6.2.8 running on AIX, HP-UX, Linux, Solaris and Windows. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02674 SSRT100487: https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02863015 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 15:47:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 00:47:21 +0200 Subject: [SEC] [SA44793] SUSE update for wireshark Message-ID: <201106082247.p58MlLh8004658@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for wireshark SECUNIA ADVISORY ID: SA44793 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44793/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44793 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44793/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44793/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44793 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA44172 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0599-1: http://lists.opensuse.org/opensuse-updates/2011-06/msg00010.html openSUSE-SU-2011:0602-1: http://lists.opensuse.org/opensuse-updates/2011-06/msg00013.html SUSE-SU-2011:0604-1: https://hermes.opensuse.org/messages/8699920 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 16:13:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 01:13:14 +0200 Subject: [SEC] [SA44758] SUSE update for bind Message-ID: <201106082313.p58NDEOk026029@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for bind SECUNIA ADVISORY ID: SA44758 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44758/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44758 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44758/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44758/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44758 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44719 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0603-1: https://hermes.opensuse.org/messages/8699912 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 16:48:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 01:48:21 +0200 Subject: [SEC] [SA44829] Google Chrome Multiple Vulnerabilities Message-ID: <201106082348.p58NmLRR015399@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44829 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44829/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44829 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44829/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44829/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44829 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information, conduct injection attacks, bypass certain security restrictions, and potentially compromise a user's system. 1) A use-after-free error exists within the float handling. 2) A use-after-free error exists within the accessibility support. 3) An error related to CSS can be exploited to leak history information. 4) An unspecified error can be exploited to bypass the extensions permissions. 5) An error related to a stale pointer exists within the extension framework. 6) An error related to extensions can be exploited to inject script code into new tab pages. 7) A use-after-free error exists within the developer tools. 8) An unspecified error related to history deletion can be exploited to corrupt browser memory. 9) A use-after-free error exists within the image loader. 10) An unspecified error allows for "extension injection" into "chrome://" pages. 11) An error within v8 can be exploited to bypass the same origin restriction. 12) An error related to the DOM can be exploited to bypass the same origin restriction. SOLUTION: Upgrade to version 12.0.742.91. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1, 9) miaubiz 2) Google Chrome Security Team (SkyLined) 3) Jesse Mohrland, Microsoft and Microsoft Vulnerability Research 4, 6, 7) kuzzcc 5) Google Chrome Security Team (Inferno) 8) Collin Payne 10) Vladislavas Jarmalis. Also independently discovered by Sergey Glazunov. 11, 12) Sergey Glazunov ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2011/06/chrome-stable-release.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 17:15:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 02:15:21 +0200 Subject: [SEC] [SA44759] BLOG:CMS Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201106090015.p590FKMH004386@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: BLOG:CMS Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44759 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44759/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44759 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44759/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44759/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44759 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered multiple vulnerabilities in BLOG:CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed to the "toEmail", "fromEmail", and "toName" POST parameters in admin/plugins/mailtoafriend/mailfriend.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the URL to photo/index.php and photo/templates/admin_default/confirm.tpl.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 4.2.1.f. Prior versions may also be affected. SOLUTION: Update to version 4.2.1.g. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: http://www.rul3z.de/advisories/SSCHADV2011-007.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 17:47:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 02:47:44 +0200 Subject: [SEC] [SA43756] Silex "id_site" Cross-Site Scripting Vulnerability Message-ID: <201106090047.p590liub026035@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Silex "id_site" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA43756 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43756/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43756 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/43756/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43756/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43756 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Russ McRee has discovered a vulnerability in Silex, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "id_site" parameter in sitemap.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.5.4.2. Other versions may also be affected. SOLUTION: Update to version 1.6.1. PROVIDED AND/OR DISCOVERED BY: Russ McRee via Secunia. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 18:13:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 03:13:33 +0200 Subject: [SEC] [SA44798] MODACOM URoad-5000 "engineer" Account Security Issue Message-ID: <201106090113.p591DXpP014986@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: MODACOM URoad-5000 "engineer" Account Security Issue SECUNIA ADVISORY ID: SA44798 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44798/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44798 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44798/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44798/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44798 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in MODACOM URoad-5000, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the device containing an enabled "engineer" account with an unchangeable password. This can be exploited to gain administrative access to the device. The security issue is reported in version v1450. Other versions may also be affected. SOLUTION: Secunia is currently not aware of any solution. PROVIDED AND/OR DISCOVERED BY: Alex Stanev ORIGINAL ADVISORY: Alex Stanev: http://sec.stanev.org/advisories/ASadv-4.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 18:48:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 03:48:16 +0200 Subject: [SEC] [SA44784] Sun Java JDK / JRE / SDK Multiple Vulnerabilities Message-ID: <201106090148.p591mGmp004319@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Sun Java JDK / JRE / SDK Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44784 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44784/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44784 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44784/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44784/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44784 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Sun Java, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system. 1) An error in the 2D component may allow execution of arbitrary code in a client and server deployment via e.g untrusted applets or data sent to APIs through a web service. 2) Another error in the 2D component may allow execution of arbitrary code in a client and server deployment via e.g untrusted applets or data sent to APIs through a web service. 3) An error in the AWT component may allow execution of arbitrary code in a client deployment via e.g untrusted applets or Java Web Start applications. 4) An error in the Deployment component may allow execution of arbitrary code in a client deployment via e.g untrusted applets or Java Web Start applications. 5) Another error in the Deployment component may allow execution of arbitrary code in a client deployment via e.g untrusted applets or Java Web Start applications. 6) An error in the HotSpot component may allow execution of arbitrary code in a client deployment via e.g untrusted applets or Java Web Start applications. 7) An error in the Sound component may allow execution of arbitrary code in a client and server deployment via e.g untrusted applets or data sent to APIs through a web service. 8) Another error in the Sound component may allow execution of arbitrary code in a client and server deployment via e.g untrusted applets or data sent to APIs through a web service. 9) An error in the Swing component may allow execution of arbitrary code in a client deployment via e.g untrusted applets or Java Web Start applications. 10) An error in the Deployment component may allow execution of arbitrary code in a client deployment via e.g untrusted applets or Java Web Start applications. 11) Another error in the Deployment component may allow execution of arbitrary code in a client deployment via e.g untrusted applets or Java Web Start applications. 12) An error in the JRE component may allow execution of arbitrary code in a client deployment via e.g untrusted applets or Java Web Start applications. 13) An error in the 2D component can be exploited to disclose certain data in a client and server deployment via e.g untrusted applets or data sent to APIs through a web service. 14) An error in the NIO component can be exploited to cause a DoS in a server deployment via e.g. data sent to APIs through a web service. 15) An error in the Networking component can be exploited to disclose certain data in a client deployment via e.g untrusted applets or Java Web Start applications. 16) An error in the SAAJ component can be exploited to disclose certain data in a client deployment via e.g untrusted applets or Java Web Start applications. 17) An error in the Deserialization component can be exploited to manipulate certain data in a client deployment via e.g untrusted applets or Java Web Start applications. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Jave SE Critical Patch Update for June 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 8 19:17:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 04:17:01 +0200 Subject: [SEC] [SA44800] CodeMeter WebAdmin "BoxSerial" Cross-Site Scripting Vulnerability Message-ID: <201106090217.p592H1fh026300@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: CodeMeter WebAdmin "BoxSerial" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44800 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44800/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44800 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44800/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44800/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44800 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CodeMeter, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "BoxSerial" parameter to Licenses.html in the WebAdmin is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the CmStick is plugged in. The vulnerability is reported in version 4.30. Other versions may also be affected. SOLUTION: Update to version 4.30b when available. PROVIDED AND/OR DISCOVERED BY: Rob Kraus and Solutionary Engineering Research Team (SERT). ORIGINAL ADVISORY: SERT-VDN-1007: http://www.solutionary.com/index/SERT/Vuln-Disclosures/CodeMeter-WebAdmin.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 10:31:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 19:31:52 +0200 Subject: [SEC] [SA44889] OpenVZ update for kernel Message-ID: <201106091731.p59HVqwi007516@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: OpenVZ update for kernel SECUNIA ADVISORY ID: SA44889 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44889/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44889 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44889/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44889/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44889 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: OpenVZ has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and potentially gain escalated privileges, by malicious, local users to disclose system information and cause a DoS, and by malicious people to cause a DoS. For more information: SA44792 SOLUTION: Update to kernel branch RHEL5 version 028stab091.1. ORIGINAL ADVISORY: http://wiki.openvz.org/Download/kernel/rhel5/028stab091.1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 11:31:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 20:31:30 +0200 Subject: [SEC] [SA44887] Horde_Auth Framework Composite Driver Authentication Bypass Vulnerability Message-ID: <201106091831.p59IVUwh030380@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Horde_Auth Framework Composite Driver Authentication Bypass Vulnerability SECUNIA ADVISORY ID: SA44887 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44887/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44887 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44887/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44887/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44887 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Horde_Auth Framework, which can be exploited by malicious people to bypass certain security features. The vulnerability is caused due to an error within the composite authentication driver, which can be exploited to successfully authenticate with any username and password combination. The vulnerability is reported in versions 1.0.0alpha1 through 1.0.3. SOLUTION: Update to version 1.0.4. PROVIDED AND/OR DISCOVERED BY: Michael Groene, Universit?t Hannover ORIGINAL ADVISORY: http://lists.horde.org/archives/announce/2011/000638.html http://bugs.horde.org/ticket/10211 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 12:31:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 21:31:25 +0200 Subject: [SEC] [SA44818] Red Hat update for java-1.6.0-sun Message-ID: <201106091931.p59JVPJ1020862@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-sun SECUNIA ADVISORY ID: SA44818 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44818/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44818 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44818/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44818/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44818 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-sun. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, compromise a user's system, and compromise a vulnerable system. For more information: SA44784 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0860-1: https://rhn.redhat.com/errata/RHSA-2011-0860.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 13:31:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 22:31:40 +0200 Subject: [SEC] [SA44888] Red Hat update for subversion Message-ID: <201106092031.p59KVeK3011358@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for subversion SECUNIA ADVISORY ID: SA44888 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44888/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44888 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44888/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44888/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44888 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for subversion. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44681 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0862-1: https://rhn.redhat.com/errata/RHSA-2011-0862.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 14:26:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 23:26:46 +0200 Subject: [SEC] [SA44880] Red Hat update for java-1.6.0-openjdk Message-ID: <201106092126.p59LQkhB001560@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-openjdk SECUNIA ADVISORY ID: SA44880 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44880/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44880 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44880/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44880/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44880 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, compromise a user's system, and compromise a vulnerable system. For more information: SA44784 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0856-1: https://rhn.redhat.com/errata/RHSA-2011-0856.html RHSA-2011:0857-1: https://rhn.redhat.com/errata/RHSA-2011-0857.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 14:46:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 9 Jun 2011 23:46:01 +0200 Subject: [SEC] [SA44871] SUSE update for flash-player Message-ID: <201106092146.p59Lk1r4022674@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for flash-player SECUNIA ADVISORY ID: SA44871 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44871/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44871 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44871/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44871/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44871 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA44846 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0612-1: https://hermes.opensuse.org/messages/8704566 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 15:12:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 00:12:28 +0200 Subject: [SEC] [SA44851] Drupal Prepopulate Module Cross-Site Request Forgery and Script Insertion Vulnerabilities Message-ID: <201106092212.p59MCSYS011668@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Drupal Prepopulate Module Cross-Site Request Forgery and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA44851 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44851/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44851 RELEASE DATE: 2011-06-09 DISCUSS ADVISORY: http://secunia.com/advisories/44851/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44851/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44851 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the Prepopulate module for Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks. 1) Input passed via the Prepopulate form is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires permissions to use forms with certain form fields. 2) The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to submit unspecified values in a form by tricking a logged in user into visiting a malicious web site. The vulnerabilities are reported in versions prior to 6.x-2.2. SOLUTION: Update to version 6.x-2.2. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Ezra B. Gildesgame. 2) The vendor credits David Rothstein of the Drupal security team. ORIGINAL ADVISORY: SA-CONTRIB-2011-023: http://drupal.org/node/1182968 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 15:46:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 00:46:19 +0200 Subject: [SEC] [SA44809] HP LoadRunner USR File Directive Parsing Buffer Overflow Vulnerability Message-ID: <201106092246.p59MkJuf000926@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: HP LoadRunner USR File Directive Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44809 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44809/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44809 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44809/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44809/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44809 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP LoadRunner, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error when parsing directives within a Virtual User Script (USR) file and can be exploited to cause a buffer overflow by e.g. tricking a user into opening a USR file with overly long directive strings. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 11.0 and 9.50. Other versions may also be affected SOLUTION: Do not open untrusted USR files. Reportedly, the vendor will fix this in an upcoming version. PROVIDED AND/OR DISCOVERED BY: US-CERT credits Jeremy Brown. ORIGINAL ADVISORY: US-CERT VU#987308: https://www.kb.cert.org/vuls/id/987308 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 16:11:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 01:11:15 +0200 Subject: [SEC] [SA44859] IBM Cognos 8 Planning Java Double Literal Denial of Service Vulnerability Message-ID: <201106092311.p59NBFF1022301@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: IBM Cognos 8 Planning Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44859 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44859/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44859 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44859/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44859/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44859 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM Cognos 8 Planning, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1 in: SA43262 The vulnerability is reported in versions prior to 8.4.1 Fix Pack 2 (FP2). SOLUTION: Update to version 8.4.1 Fix Pack 2 (FP2). ORIGINAL ADVISORY: IBM: https://www.ibm.com/support/docview.wss?uid=swg24029145 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 16:46:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 01:46:28 +0200 Subject: [SEC] [SA44822] SUSE update for ethereal Message-ID: <201106092346.p59NkSUp011680@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for ethereal SECUNIA ADVISORY ID: SA44822 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44822/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44822 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44822/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44822/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44822 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for ethereal. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1 in: SA44172 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0611-1: https://hermes.opensuse.org/messages/8701428 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 17:14:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 02:14:53 +0200 Subject: [SEC] [SA44879] Red Hat update for subversion Message-ID: <201106100014.p5A0ErSj000694@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for subversion SECUNIA ADVISORY ID: SA44879 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44879/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44879 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44879/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44879/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44879 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for subversion. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1 in: SA44681 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0861-1: https://rhn.redhat.com/errata/RHSA-2011-0861.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 17:47:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 02:47:05 +0200 Subject: [SEC] [SA44886] Red Hat update for xerces-j2 Message-ID: <201106100047.p5A0l5HD022399@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for xerces-j2 SECUNIA ADVISORY ID: SA44886 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44886/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44886 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44886/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44886/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44886 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for xerces-j2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #9 in: SA36159 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0858-1: https://rhn.redhat.com/errata/RHSA-2011-0858.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 18:12:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 03:12:28 +0200 Subject: [SEC] [SA44844] Tom Sawyer GET Extension Factory Object Instantiation Memory Corruption Vulnerability Message-ID: <201106100112.p5A1CSN3011331@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Tom Sawyer GET Extension Factory Object Instantiation Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA44844 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44844/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44844 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44844/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44844/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44844 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Tom Sawyer GET Extension Factory, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the object instantiation in Internet Explorer, which can be exploited to cause a memory corruption by e.g. tricking a user into visiting a malicious website. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 5.5.2.237. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Elazar Broad via iDefense ORIGINAL ADVISORY: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=911 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 18:47:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 03:47:30 +0200 Subject: [SEC] [SA44842] Smarty "{fetch}" Tag Security Policy Bypass Vulnerability Message-ID: <201106100147.p5A1lUGB000633@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Smarty "{fetch}" Tag Security Policy Bypass Vulnerability SECUNIA ADVISORY ID: SA44842 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44842/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44842 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44842/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44842/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44842 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Smarty, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to the "{fetch}" tag not properly honoring the security policy, which can be exploited to e.g. bypass the "secure_dir" setting. The vulnerability is confirmed in version 3.0.8. Other versions may also be affected. SOLUTION: Fixed in the SVN repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: willwoodlief ORIGINAL ADVISORY: http://www.smarty.net/forums/viewtopic.php?t=19291 http://code.google.com/p/smarty-php/source/detail?r=4119 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 19:17:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 04:17:53 +0200 Subject: [SEC] [SA44876] Red Hat update for cyrus-imapd Message-ID: <201106100217.p5A2Hroc022726@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for cyrus-imapd SECUNIA ADVISORY ID: SA44876 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44876/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44876 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44876/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44876/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44876 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for cyrus-imapd. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA44414 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0859-1: http://rhn.redhat.com/errata/RHSA-2011-0859.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 19:46:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 04:46:26 +0200 Subject: [SEC] [SA44881] Fedora update for rdesktop Message-ID: <201106100246.p5A2kQIf011802@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for rdesktop SECUNIA ADVISORY ID: SA44881 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44881/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44881 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44881/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44881/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44881 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA44200 SOLUTION: Apply updated packages via the yum utility ("yum update rdesktop"). ORIGINAL ADVISORY: FEDORA-2011-7694: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061309.html FEDORA-2011-7697: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061316.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 20:10:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 05:10:54 +0200 Subject: [SEC] [SA44843] Drupal Spam Module Cross-Site Request Forgery Vulnerability Message-ID: <201106100310.p5A3Asdn000645@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Drupal Spam Module Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44843 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44843/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44843 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44843/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44843/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44843 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Spam module for Drupal, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to mark comments as spam by tricking a logged in user into visiting a malicious web site. The vulnerability is reported in versions prior to 6.x-1.1. SOLUTION: Update to version 6.x-1.1 Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: SA-CONTRIB-2011-024: http://drupal.org/node/1183116 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 20:46:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 05:46:37 +0200 Subject: [SEC] [SA44748] 3Com Intelligent Management Center img.exe Integer Overflow Vulnerability Message-ID: <201106100346.p5A3kbPx022491@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: 3Com Intelligent Management Center img.exe Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA44748 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44748/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44748 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44748/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44748/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44748 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in 3Com Intelligent Management Center, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an integer overflow error within img.exe when processing certain packet types and can be exploited to cause a heap-based buffer overflow via a specially crafted packet sent to TCP port 8800. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 3.3 SP2 R2606P13. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma via ZDI. ORIGINAL ADVISORY: ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-170/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 21:11:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 06:11:38 +0200 Subject: [SEC] [SA44884] HP OpenView Storage Data Protector Unspecified Code Execution Vulnerability Message-ID: <201106100411.p5A4BcvK011423@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: HP OpenView Storage Data Protector Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA44884 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44884/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44884 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44884/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44884/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44884 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP OpenView Storage Data Protector, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error. No further information is currently available. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 6.0, 6.10, and 6.11 running on HP-UX, Solaris, Linux and Windows. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02631 SSRT100324: http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02712867 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 21:46:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 06:46:35 +0200 Subject: [SEC] [SA44882] Fedora update for phpMyAdmin Message-ID: <201106100446.p5A4kZTY000723@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for phpMyAdmin SECUNIA ADVISORY ID: SA44882 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44882/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44882 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44882/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44882/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44882 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for phpMyAdmin. This fixes a weakness and a vulnerability, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct spoofing attacks. For more information: SA44641 SOLUTION: Apply updated packages via the yum utility ("yum update phpMyAdmin"). ORIGINAL ADVISORY: FEDORA-2011-7702: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061305.html FEDORA-2011-7703: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061319.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 9 22:11:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 07:11:28 +0200 Subject: [SEC] [SA44853] Drupal Cosign Module SQL Injection Vulnerability Message-ID: <201106100511.p5A5BSJF022092@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Drupal Cosign Module SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44853 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44853/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44853 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44853/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44853/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44853 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Cosign module for Drupal, which can be exploited by malicious users to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires the "administer site configuration" permissions. The vulnerability is reported in versions 6.x-1.4, 6.x-1.5, and 6.x-1.6. SOLUTION: Update to version 6.x-1.7 Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Steven Merrill. ORIGINAL ADVISORY: SA-CONTRIB-2011-022: http://drupal.org/node/1182658 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 10:33:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 19:33:25 +0200 Subject: [SEC] [SA44905] Attachmate Reflection X 2011 PKI Services Manager Two Vulnerabilities Message-ID: <201106101733.p5AHXP7F010886@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Attachmate Reflection X 2011 PKI Services Manager Two Vulnerabilities SECUNIA ADVISORY ID: SA44905 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44905/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44905 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44905/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44905/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44905 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Attachmate has acknowledged two vulnerabilities in Reflection X 2011 and Reflection Suite for X 2011, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. For more information: SA40983 SA43262 (vulnerability #1) The vulnerabilities are reported in the Reflection PKI Services Manager version 1.1 component bundled with the following products: * Reflection X 2011 * Reflection Suite for X 2011 SOLUTION: Do not open untrusted files. Restrict access to trusted hosts only. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: Attachmate: http://support.attachmate.com/techdocs/2560.html http://support.attachmate.com/techdocs/2564.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 11:46:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 20:46:44 +0200 Subject: [SEC] [SA44896] D-Bus Message Byte Order Denial of Service Weakness Message-ID: <201106101846.p5AIkiva021518@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: D-Bus Message Byte Order Denial of Service Weakness SECUNIA ADVISORY ID: SA44896 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44896/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44896 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44896/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44896/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44896 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in D-Bus, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The weakness is caused due to an error in D-Bus when processing messages with a non-native byte order. This can be exploited to e.g. disconnect D-Bus clients by sending specially crafted messages. The weakness is reported in version 1.4.10. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Alp Toker ORIGINAL ADVISORY: http://lists.freedesktop.org/archives/dbus/2007-March/007357.html https://bugs.freedesktop.org/show_bug.cgi?id=38120 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 12:32:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 21:32:19 +0200 Subject: [SEC] [SA44906] Attachmate Reflection for Secure IT Multiple Vulnerabilities Message-ID: <201106101932.p5AJWJBK018514@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Attachmate Reflection for Secure IT Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44906 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44906/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44906 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44906/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44906/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44906 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Attachmate has acknowledged multiple vulnerabilities in Reflection for Secure IT, which can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a user's system. For more information: SA36093 (vulnerability #2) SA44905 The vulnerabilities are reported in version 7.2 prior to SP1 in the following components: * Reflection for Secure IT Windows Server. * Reflection for Secure IT UNIX Client. * Reflection for Secure IT UNIX Server. SOLUTION: Update to version 7.2 SP1. ORIGINAL ADVISORY: Attachmate: http://support.attachmate.com/techdocs/2560.html http://support.attachmate.com/techdocs/2564.html http://support.attachmate.com/techdocs/2565.html http://support.attachmate.com/techdocs/2566.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 13:32:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 22:32:24 +0200 Subject: [SEC] [SA44891] Debian update for tiff Message-ID: <201106102032.p5AKWO8i009012@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for tiff SECUNIA ADVISORY ID: SA44891 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44891/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44891 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44891/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44891/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44891 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for tiff. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise an application using the library. For more information see vulnerability #4 in: SA43593 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2256-1: http://www.debian.org/security/2011/dsa-2256 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 14:27:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 23:27:26 +0200 Subject: [SEC] [SA44902] PDFill PDF Editor Insecure Library Loading Vulnerability Message-ID: <201106102127.p5ALRQWU031674@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: PDFill PDF Editor Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA44902 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44902/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44902 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44902/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44902/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44902 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Solutionary Engineering Research Team has discovered a vulnerability in PDFill PDF Editor, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of mfc70u.dll, which loads libraries (e.g. mfc70enu.dll and mfc70loc.dll) in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into e.g. opening a PFL (".pfl") file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 8.0. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Jose Hernandez, Solutionary Engineering Research Team (SERT). ORIGINAL ADVISORY: SERT-VDN-1008: http://www.solutionary.com/index/SERT/Vuln-Disclosures/PDFill-Insecure-Library.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 14:49:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 10 Jun 2011 23:49:51 +0200 Subject: [SEC] [SA44904] SUSE update for open-vm-tools Message-ID: <201106102149.p5ALnpYM020483@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for open-vm-tools SECUNIA ADVISORY ID: SA44904 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44904/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44904 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44904/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44904/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44904 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for open-vm-tools. This fixes some security issues, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA43798 SA44840 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0617-1: https://hermes.opensuse.org/messages/8711677 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 15:13:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Jun 2011 00:13:21 +0200 Subject: [SEC] [SA44895] Ubuntu update for kernel Message-ID: <201106102213.p5AMDLh6009335@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA44895 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44895/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44895 RELEASE DATE: 2011-06-10 DISCUSS ADVISORY: http://secunia.com/advisories/44895/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44895/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44895 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system and potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people with physical access to cause a DoS and potentially compromise a vulnerable system. For more information: SA42035 SA43009 SA43693 SA43716 SA43966 SA44164 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1146-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001348.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 15:48:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Jun 2011 00:48:36 +0200 Subject: [SEC] [SA44897] Movable Type Multiple Unspecified Vulnerabilities Message-ID: <201106102248.p5AMmaE2031117@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Movable Type Multiple Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA44897 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44897/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44897 RELEASE DATE: 2011-06-11 DISCUSS ADVISORY: http://secunia.com/advisories/44897/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44897/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44897 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Movable Type, which can be exploited by malicious people to disclose potentially sensitive information and manipulate certain data. The vulnerabilities are caused due to unspecified errors and can be exploited to disclose, create, and modify content. No further information is currently available. SOLUTION: Update to fixed version. Please see vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: The vendor credits Alfasado and other, unnamed reporters. ORIGINAL ADVISORY: http://www.movabletype.org/2011/06/movable_type_511_and_5051_4361_security_updates.html http://www.movabletype.org/documentation/appendices/release-notes/511.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 16:13:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Jun 2011 01:13:33 +0200 Subject: [SEC] [SA44850] JW Player "link" Cross-Site Scripting Vulnerability Message-ID: <201106102313.p5ANDXPd020041@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: JW Player "link" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44850 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44850/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44850 RELEASE DATE: 2011-06-11 DISCUSS ADVISORY: http://secunia.com/advisories/44850/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44850/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44850 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Szymon Gruszecki has discovered a vulnerability in JW Player, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "link" parameter to player.swf (when "displayclick" is set to "link" and "file" is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 5.6. Other versions may also be affected. SOLUTION: Fixed in the SVN repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Szymon Gruszecki ORIGINAL ADVISORY: http://developer.longtailvideo.com/trac/ticket/1347 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 10 16:47:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 11 Jun 2011 01:47:04 +0200 Subject: [SEC] [SA44878] Symantec Mail Security KeyView File Processing Vulnerabilities Message-ID: <201106102347.p5ANl4KI009353@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Symantec Mail Security KeyView File Processing Vulnerabilities SECUNIA ADVISORY ID: SA44878 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44878/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44878 RELEASE DATE: 2011-06-11 DISCUSS ADVISORY: http://secunia.com/advisories/44878/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44878/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44878 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Symantec Mail Security, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA44820 Successful exploitation requires the attachment content scanning option to be enabled. SOLUTION: Disable the attachment content scanning option. PROVIDED AND/OR DISCOVERED BY: Will Dormann and Jared Allar, CERT/CC ORIGINAL ADVISORY: US-CERT (VU#126159): http://www.kb.cert.org/vuls/id/126159 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 10:33:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Jun 2011 19:33:05 +0200 Subject: [SEC] [SA44932] Fedora update for kernel Message-ID: <201106131733.p5DHX5kA012368@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA44932 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44932/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44932 RELEASE DATE: 2011-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/44932/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44932/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44932 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for kernel. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an integer underflow error in the DCCP (Datagram Congestion Control Protocol) implementation when handling invalid feature option lengths and can be exploited to crash the system. SOLUTION: Apply updated packages via the yum utility ("yum update kernel"). PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: FEDORA-2011-7551: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061366.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 11:32:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Jun 2011 20:32:05 +0200 Subject: [SEC] [SA44934] Fedora update for java-1.6.0-openjdk Message-ID: <201106131832.p5DIW5af002796@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for java-1.6.0-openjdk SECUNIA ADVISORY ID: SA44934 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44934/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44934 RELEASE DATE: 2011-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/44934/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44934/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44934 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for java-1.6.0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system. For more information: SA44784 SOLUTION: Apply updated packages via the yum utility ("yum update java-1.6.0-openjdk"). ORIGINAL ADVISORY: FEDORA-2011-8003: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061352.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 12:32:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Jun 2011 21:32:11 +0200 Subject: [SEC] [SA44940] Debian update for fex Message-ID: <201106131932.p5DJWB55025726@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for fex SECUNIA ADVISORY ID: SA44940 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44940/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44940 RELEASE DATE: 2011-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/44940/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44940/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44940 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for fex. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to the application not properly verifying the existence of "auth-ID" when uploading files and can be exploited to bypass the authentication mechanism. SOLUTION: Apply updated packages via the apt-get package manager. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: DSA-2259-1: http://lists.debian.org/debian-security-announce/2011/msg00129.html http://fex.rus.uni-stuttgart.de/fex.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 13:32:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Jun 2011 22:32:15 +0200 Subject: [SEC] [SA44928] Fedora update for cyrus-imapd Message-ID: <201106132032.p5DKWF6f016233@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for cyrus-imapd SECUNIA ADVISORY ID: SA44928 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44928/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44928 RELEASE DATE: 2011-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/44928/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44928/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44928 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for cyrus-imapd. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA44414 SOLUTION: Apply updated packages via the yum utility ("yum update cyrus-imapd"). ORIGINAL ADVISORY: FEDORA-2011-7193: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061415.html FEDORA-2011-7217: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061374.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 14:29:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Jun 2011 23:29:14 +0200 Subject: [SEC] [SA44943] Joomla! Minitek FAQ Book Component "id" SQL Injection Vulnerability Message-ID: <201106132129.p5DLTEt9006593@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Joomla! Minitek FAQ Book Component "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44943 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44943/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44943 RELEASE DATE: 2011-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/44943/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44943/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44943 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Minitek FAQ Book component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to index.php (when "option" is set to "com_faqbook" and "view" is set to "category") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: kaMtiEz OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 14:48:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 13 Jun 2011 23:48:09 +0200 Subject: [SEC] [SA44913] Debian update for kolab-cyrus-imapd Message-ID: <201106132148.p5DLm9V9027636@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for kolab-cyrus-imapd SECUNIA ADVISORY ID: SA44913 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44913/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44913 RELEASE DATE: 2011-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/44913/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44913/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44913 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for kolab-cyrus-imapd. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA44414 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2257-1: http://lists.debian.org/debian-security-announce/2011/msg00128.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 15:14:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 00:14:40 +0200 Subject: [SEC] [SA44919] UUSee UUPlayer ActiveX Control "DoCmd()" Buffer Overflow Message-ID: <201106132214.p5DMEeLT016640@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: UUSee UUPlayer ActiveX Control "DoCmd()" Buffer Overflow SECUNIA ADVISORY ID: SA44919 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44919/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44919 RELEASE DATE: 2011-06-13 DISCUSS ADVISORY: http://secunia.com/advisories/44919/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44919/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44919 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: huimaozi has discovered a vulnerability in UUSee, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the bundled UUPlayer.ocx ActiveX control when handling the "DoCmd()" method. This can be exploited to cause a stack-based buffer overflow via an overly long argument. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2010 6.11.0609.2 bundling UUPlayer.ocx version 6.0.0.1. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: huimaozi ORIGINAL ADVISORY: http://www.huimaozi.net/?p=122 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 15:47:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 00:47:58 +0200 Subject: [SEC] [SA44929] Fedora update for bind Message-ID: <201106132247.p5DMlwlm005938@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for bind SECUNIA ADVISORY ID: SA44929 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44929/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44929 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44929/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44929/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44929 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44719 SOLUTION: Apply updated packages via the yum utility ("yum update bind"). ORIGINAL ADVISORY: FEDORA-2011-7602: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061401.html FEDORA-2011-7621: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061405.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 16:11:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 01:11:52 +0200 Subject: [SEC] [SA44937] Fedora update for mutt Message-ID: <201106132311.p5DNBqYD027226@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for mutt SECUNIA ADVISORY ID: SA44937 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44937/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44937 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44937/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44937/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44937 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mutt. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks. The security issue is caused due the application not properly checking if the "Common Name" field provided inside X.509 certificates matches the requested hostname of the SMTP server. This can be exploited to e.g. conduct Man-in-the-Middle (MitM) attacks. SOLUTION: Apply updated packages via the yum utility ("yum update mutt"). PROVIDED AND/OR DISCOVERED BY: dave b ORIGINAL ADVISORY: FEDORA-2011-7751: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061356.html dave b: http://dev.mutt.org/trac/ticket/3506 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 16:46:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 01:46:36 +0200 Subject: [SEC] [SA44917] Subrion CMS "username" SQL Injection Vulnerability Message-ID: <201106132346.p5DNkaEn016591@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Subrion CMS "username" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44917 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44917/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44917 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44917/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44917/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44917 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Karthik R has reported a vulnerability in Subrion CMS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "username" parameter to admin/index.php (when "action" is set to "login") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 2.0.4. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Karthik R (3psil0nLambDa) ORIGINAL ADVISORY: http://epsilonlambda.wordpress.com/2011/06/11/releasing-my-first-exploit/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 17:14:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 02:14:30 +0200 Subject: [SEC] [SA44946] BlackBerry Tablet OS Flash Player Cross-Site Scripting Vulnerability Message-ID: <201106140014.p5E0EUCq005645@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: BlackBerry Tablet OS Flash Player Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44946 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44946/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44946 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44946/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44946/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44946 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BlackBerry Tablet OS, which can be exploited by malicious people to conduct cross-site scripting attacks. The vulnerability is caused due to a vulnerable bundled version of Adobe Flash Player. For more information: SA44846 The vulnerability is reported in versions 1.0.5.2304 and prior. SOLUTION: Update to version 1.0.5.2342 or later. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day in Adobe Flash Player. ORIGINAL ADVISORY: http://www.blackberry.com/btsc/KB27240 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 17:46:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 02:46:41 +0200 Subject: [SEC] [SA44900] Ubuntu update for qemu-kvm Message-ID: <201106140046.p5E0kfUW027287@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for qemu-kvm SECUNIA ADVISORY ID: SA44900 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44900/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44900 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44900/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44900/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44900 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for qemu-kvm. This fixes some vulnerabilities, which can be exploited by malicious, local users in a guest system to cause a DoS (Denial of Service) and potentially gain escalated privileges. For more information: SA44132 SA44458 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1145-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001349.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 13 18:11:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 03:11:51 +0200 Subject: [SEC] [SA44892] Debian update for vlc Message-ID: <201106140111.p5E1Bpk4016229@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for vlc SECUNIA ADVISORY ID: SA44892 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44892/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44892 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44892/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44892/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44892 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for vlc. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information see vulnerability #2 in: SA44412 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2257-1: http://lists.debian.org/debian-security-announce/2011/msg00127.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 10:33:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 19:33:08 +0200 Subject: [SEC] [SA44848] Aastra 9480i IP Phone Information Disclosure Security Issues Message-ID: <201106141733.p5EHX8Xx016238@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Aastra 9480i IP Phone Information Disclosure Security Issues SECUNIA ADVISORY ID: SA44848 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44848/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44848 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44848/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44848/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44848 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two security issues have been reported in Aastra 9480i IP Phone, which can be exploited by malicious people to disclose system information. The security issues are caused due to the application not properly restricting access to the globalSIPsettings.html and SIPsettingsLine1.html configuration files, which can be exploited to e.g. disclose credentials of connected phone lines. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Pr0T3cT10n OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 11:31:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 20:31:52 +0200 Subject: [SEC] [SA44883] Joomla! Core Design Scriptegrator Plugin Two File Inclusion Vulnerabilities Message-ID: <201106141831.p5EIVqwJ006678@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Joomla! Core Design Scriptegrator Plugin Two File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA44883 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44883/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44883 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44883/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44883/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44883 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in the Core Design Scriptegrator plugin for Joomla!, which can be exploited by malicious people to disclose sensitive information. 1) Input passed to the "files[]" parameter in plugins/system/cdscriptegrator/libraries/highslide/css/cssloader.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. 2) Input passed to the "file" parameter in plugins/system/cdscriptegrator/libraries/jquery/theme/cssloader.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 1.5.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: jdc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 12:32:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 21:32:05 +0200 Subject: [SEC] [SA44580] Libvoikko NULL Character Handling Denial of Service Vulnerability Message-ID: <201106141932.p5EJW5s1029578@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Libvoikko NULL Character Handling Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44580 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44580/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44580 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44580/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44580/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44580 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Libvoikko, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library. The vulnerability is caused due to an error within the application when handling certain input strings via the Python and Java interfaces and can be exploited to cause a crash via a string containing NULL characters. The vulnerability is reported in versions prior to 3.2.1. SOLUTION: Update to version 3.2.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://voikko.sourceforge.net/releases.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 13:31:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 22:31:38 +0200 Subject: [SEC] [SA44907] Windows Ancillary Function Driver Privilege Escalation Vulnerability Message-ID: <201106142031.p5EKVcJM020056@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Windows Ancillary Function Driver Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA44907 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44907/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44907 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44907/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44907/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44907 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an input validation error in the Ancillary Function Driver (afd.sys) when passing data from user mode to the kernel. This can be exploited to execute arbitrary code in kernel mode via a specially crafted application. NOTE: According to Microsoft, the vulnerability is currently being actively exploited. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. The vendor also credits Steven Adair, Shadowserver Foundation and Chris S. ORIGINAL ADVISORY: MS11-046 (KB2503665): http://www.microsoft.com/technet/security/Bulletin/MS11-046.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 14:26:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 23:26:22 +0200 Subject: [SEC] [SA44893] Microsoft Windows OpenType Font Pointer Validation Vulnerability Message-ID: <201106142126.p5ELQMdh010314@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows OpenType Font Pointer Validation Vulnerability SECUNIA ADVISORY ID: SA44893 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44893/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44893 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44893/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44893/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44893 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a pointer validation error in win32k.sys when parsing OpenType fonts. This can be exploited by tricking a user into e.g. opening a OTF file located on a remote WebDAV or SMB share. Successful exploitation may allow execution of arbitrary code in kernel mode on a x64- or Itanium-based system. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Koro, KoroSoft. ORIGINAL ADVISORY: MS11-041 (KB2525694): http://www.microsoft.com/technet/security/Bulletin/MS11-041.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 14:47:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 14 Jun 2011 23:47:01 +0200 Subject: [SEC] [SA44931] Microsoft Office Excel Unspecified Record Parsing Vulnerability Message-ID: <201106142147.p5ELl1Fn031448@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Office Excel Unspecified Record Parsing Vulnerability SECUNIA ADVISORY ID: SA44931 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44931/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44931 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44931/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44931/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44931 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system. For more information see vulnerability #2: SA44901 Successful exploitation allows execution of arbitrary code via specially crafted Excel files. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: MS11-045 (KB2537146, KB2523021): http://www.microsoft.com/technet/security/Bulletin/MS11-045.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 15:12:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 00:12:55 +0200 Subject: [SEC] [SA44841] Microsoft .NET Framework / Silverlight Array Offset Vulnerability Message-ID: <201106142212.p5EMCtnC020417@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft .NET Framework / Silverlight Array Offset Vulnerability SECUNIA ADVISORY ID: SA44841 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44841/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44841 RELEASE DATE: 2011-06-14 DISCUSS ADVISORY: http://secunia.com/advisories/44841/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44841/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44841 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft .NET Framework and Silverlight, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an input validation error when passing values to trusted APIs. This can be exploited to access memory in an unsafe manner via a specially crafted XAML Browser Application (XBAP) or Silverlight application. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Michael J. Liu. ORIGINAL ADVISORY: MS11-039 (KB2512827, KB2514842, KB2478656, KB2478657, KB2478658, KB2478659, KB2478660, KB2478661, KB2478662, KB2478663): http://www.microsoft.com/technet/security/Bulletin/MS11-039.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 15:46:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 00:46:28 +0200 Subject: [SEC] [SA44948] Microsoft Windows Distributed File System Referral Response Denial of Service Message-ID: <201106142246.p5EMkS7L009712@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Distributed File System Referral Response Denial of Service SECUNIA ADVISORY ID: SA44948 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44948/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44948 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44948/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44948/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44948 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #2: SA44894 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Laurent Gaffie, NGS Software. ORIGINAL ADVISORY: MS11-042 (KB2535512): http://www.microsoft.com/technet/security/Bulletin/MS11-042.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 16:12:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 01:12:41 +0200 Subject: [SEC] [SA44899] Microsoft .NET Framework JIT Object Validation Vulnerability Message-ID: <201106142312.p5ENCfXo031107@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft .NET Framework JIT Object Validation Vulnerability SECUNIA ADVISORY ID: SA44899 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44899/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44899 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44899/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44899/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44899 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft .NET Framework, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due the .NET JIT compiler incorrectly validating certain values within an object. This can be exploited to execute arbitrary code by e.g. tricking a user into visiting a specially crafted website that hosts a XBAP (XAML browser application). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-044 (KB2538814, KB2518864, KB2530095, KB2518870, KB2518863, KB2518866, KB2518869, KB2518867): http://www.microsoft.com/technet/security/Bulletin/MS11-044.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 16:47:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 01:47:29 +0200 Subject: [SEC] [SA44912] Microsoft XML Editor External Entities Resolution Information Disclosure Vulnerability Message-ID: <201106142347.p5ENlT6L020472@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft XML Editor External Entities Resolution Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA44912 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44912/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44912 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44912/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44912/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44912 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft XML Editor, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error when resolving XML external entities in a Web Service Discovery file (".disco") and can be exploited to disclose the contents of arbitrary files. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Jesse Ou, Cigital. ORIGINAL ADVISORY: MS11-049 (KB2251481, KB2251489, KB2494086, KB2494088, KB2494089, KB2494094, KB2494096, KB2494100, KB2494112, KB2494113, KB2494120, KB2494123, KB2510061, KB2510065, KB2546869): http://www.microsoft.com/technet/security/Bulletin/MS11-049.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 17:14:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 02:14:45 +0200 Subject: [SEC] [SA44857] Microsoft Threat Management Gateway Firewall Client Vulnerability Message-ID: <201106150014.p5F0EjVx009501@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Threat Management Gateway Firewall Client Vulnerability SECUNIA ADVISORY ID: SA44857 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44857/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44857 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44857/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44857/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44857 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Forefront Threat Management Gateway (TMG) Client, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the "NSPLookupServiceNext()" function and can be exploited to corrupt memory via specific requests made through the TMG firewall client. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-040 (KB2520426): http://www.microsoft.com/technet/security/Bulletin/MS11-040.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 17:46:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 02:46:34 +0200 Subject: [SEC] [SA44914] Microsoft Internet Explorer Multiple Vulnerabilities Message-ID: <201106150046.p5F0kY18031131@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Internet Explorer Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44914 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44914/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44914 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44914/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44914/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44914 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Internet Explorer, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. 1) An error when downloading certain content can be exploited to perform certain unexpected actions and disclose MIME information from a different domain or Internet Explorer zone. 2) A use-after-free error when handling link properties can be exploited to corrupt memory. Successful exploitation of this vulnerability may allow execution of arbitrary code. 3) A use-after-free error when handling a DOM object can be exploited to corrupt memory. Successful exploitation of this vulnerability may allow execution of arbitrary code. 4) An error within the "toStaticHTML()" function when sanitising certain strings can be exploited to disclose certain information. 5) A use-after-free error when handling drag and drop events on certain content can be exploited to corrupt memory. Successful exploitation of this vulnerability allows execution of arbitrary code. 6) A use-after-free error when handling certain time elements can be exploited to corrupt memory. Successful exploitation of this vulnerability allows execution of arbitrary code. 7) A use-after-free error when handling certain copy and paste operations on DOM objects can be exploited to corrupt memory. Successful exploitation of this vulnerability may allow execution of arbitrary code. 8) An error when handling drag and drop events on certain content can be exploited to disclose information from another domain or Internet Explorer zone. 9) A use-after-free error when handling layouts can be exploited to corrupt memory. Successful exploitation of this vulnerability allows execution of arbitrary code. 10) A use-after-free error within the selection objection can be exploited to corrupt memory. Successful exploitation of this vulnerability allows execution of arbitrary code. 11) A use-after-free error when handling HTTP redirects can be exploited to corrupt memory. Successful exploitation of this vulnerability may allow execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Robert Swiecki, Google 2) NSFOCUS Security Team 3) An anonymous person via SecuriTeam 4) Adi Cohen, IBM Rational Application Security 5) Nirmal Singh Bhary, Norman 6) An anonymous person via iDefense Labs 7) Damian Put via ZDI 8) Yoel Gluck, Yogesh Badwe, and Varun Badhwar, salesforce.com 9) Jose Antonio Vazquez Gonzalez via ZDI 10) An anonymous person via ZDI 11) Peter Winter-Smith via ZDI ORIGINAL ADVISORY: MS11-050 (KB2530548): http://www.microsoft.com/technet/security/Bulletin/MS11-050.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 18:11:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 03:11:36 +0200 Subject: [SEC] [SA44935] SUSE update for openssl Message-ID: <201106150111.p5F1Ba9f020058@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for openssl SECUNIA ADVISORY ID: SA44935 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44935/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44935 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44935/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44935/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44935 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for openssl. This fixes a weakness, which can be exploited by malicious people to disclose potentially sensitive information. For more information: SA44572 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0634-1: https://hermes.opensuse.org/messages/8760466 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 18:46:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 03:46:47 +0200 Subject: [SEC] [SA44930] SUSE update for java-1_6_0-sun Message-ID: <201106150146.p5F1klng009440@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for java-1_6_0-sun SECUNIA ADVISORY ID: SA44930 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44930/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44930 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44930/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44930/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44930 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_6_0-sun. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system. For more information: SA44784 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0633-1: https://hermes.opensuse.org/messages/8754315 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 19:22:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 04:22:52 +0200 Subject: [SEC] [SA44894] Microsoft Windows Distributed File System Two Vulnerabilities Message-ID: <201106150222.p5F2Mqn0031715@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Distributed File System Two Vulnerabilities SECUNIA ADVISORY ID: SA44894 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44894/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44894 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44894/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44894/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44894 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a user's system. 1) A validation error in the Distributed File System (DFS) can be exploited to corrupt memory via a specially crafted DFS response. Successful exploitation allows execution of arbitrary code, but requires tricking a user into initiating a DFS connection to a malicious server. 2) An error in the Distributed File System (DFS) when processing DFS referral responses can be exploited to cause a system to stop responding. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) The vendor credits Laurent Gaffie, NGS Software. ORIGINAL ADVISORY: MS11-042 (KB2535512): http://www.microsoft.com/technet/security/Bulletin/MS11-042.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 19:47:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 04:47:53 +0200 Subject: [SEC] [SA43980] Microsoft Windows MHTML Mime-Formatted Request Cross-Site Scripting Message-ID: <201106150247.p5F2lrVZ020651@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows MHTML Mime-Formatted Request Cross-Site Scripting SECUNIA ADVISORY ID: SA43980 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43980/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43980 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/43980/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43980/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43980 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting attacks. The vulnerability is caused due to an error in the way the MHTML (MIME Encapsulation of Aggregate HTML) protocol handler interprets MIME-formatted requests. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-037 (KB2544893): http://www.microsoft.com/technet/security/Bulletin/MS11-037.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 20:12:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 05:12:55 +0200 Subject: [SEC] [SA44920] Internet Explorer Vector Markup Language Memory Corruption Vulnerability Message-ID: <201106150312.p5F3CtUC009573@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Internet Explorer Vector Markup Language Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA44920 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44920/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44920 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44920/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44920/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44920 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Internet Explorer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the Vector Markup Language (VML) implementation (vgx.dll) when accessing objects that are not correctly initialised or have been deleted. This can be exploited to corrupt memory via e.g. a specially crafted web page. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person via ZDI. ORIGINAL ADVISORY: MS11-052 (KB2544521): http://www.microsoft.com/technet/security/Bulletin/MS11-052.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 20:48:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 05:48:35 +0200 Subject: [SEC] [SA44901] Microsoft Office Excel Multiple Vulnerabilities Message-ID: <201106150348.p5F3mZ1H031378@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Office Excel Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44901 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44901/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44901 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44901/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44901/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44901 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Office Excel, which can be exploited by malicious people to compromise a user's system. 1) An input validation error when parsing certain record structures can be exploited to corrupt memory. 2) An unspecified error when validating certain record information can be exploited to corrupt memory. 3) An unspecified error when validating certain record information can be exploited to access data outside the bounds of an array and corrupt memory. 4) An unspecified error when validating certain record information can be exploited to overwrite heap memory. 5) An unspecified error when validating certain record information can be exploited to cause a buffer overflow. 6) An unspecified error when validating certain record information can be exploited to corrupt memory. 7) An unspecified error when validating certain record information can be exploited to corrupt memory. 8) An unspecified error when validating certain record information can be exploited to corrupt memory. Successful exploitation allows execution of arbitrary code via specially crafted Excel files. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Bing Liu, Fortinet's FortiGuard Labs. 2, 4) An anonymous person via iDefense. 3, 6) Omair via iDefense. 5) Nicolas Gregoire, Agarri. 7, 8) Will Dormann, CERT/CC. ORIGINAL ADVISORY: MS11-045 (KB2537146, KB2541003, KB2541025, KB2541007, KB2555786, KB2555785, KB2555787, KB2541015, KB2541012): http://www.microsoft.com/technet/security/Bulletin/MS11-045.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 21:15:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 06:15:29 +0200 Subject: [SEC] [SA44915] Microsoft Windows Active Directory Certificate Services Web Enrollment Cross-Site Scripting Message-ID: <201106150415.p5F4FTrI020388@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Active Directory Certificate Services Web Enrollment Cross-Site Scripting SECUNIA ADVISORY ID: SA44915 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44915/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44915 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44915/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44915/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44915 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input passed to Active Directory Certificate Services Web Enrollment is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Ruggero Strabla, Emaze Networks and Saipem Security Team. ORIGINAL ADVISORY: MS11-051 (KB2518295): http://www.microsoft.com/technet/security/Bulletin/MS11-051.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 21:47:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 06:47:32 +0200 Subject: [SEC] [SA44910] Microsoft Windows SMB Request Parsing Denial of Service Vulnerability Message-ID: <201106150447.p5F4lW3F009624@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows SMB Request Parsing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44910 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44910/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44910 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44910/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44910/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44910 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to cause a DOS (Denial of Service). The vulnerability is caused due to an unspecified error within the SMB server when parsing certain SMB requests. This can be exploited via a specially crafted request to cause the service to stop responding until manually restarted. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-048 (KB2536275): http://www.microsoft.com/technet/security/Bulletin/MS11-048.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 14 22:11:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 07:11:39 +0200 Subject: [SEC] [SA44908] Microsoft Windows Hyper-V VMBus Denial of Service Vulnerability Message-ID: <201106150511.p5F5Bdvx030912@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Hyper-V VMBus Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44908 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44908/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44908 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44908/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44908/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44908 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to a validation error when processing certain machine instructions. This can be exploited to cause the Hyper-V server and all guest virtual machines to stop responding via a specially crafted packet sent to the VMBus communication channel. Successful exploitation requires local logon privileges within a guest virtual machine. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Nicolas Economou, Core Security Technologies. ORIGINAL ADVISORY: MS11-047 (KB2525835): http://www.microsoft.com/technet/security/Bulletin/MS11-047.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 10:35:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 19:35:25 +0200 Subject: [SEC] [SA44967] miniblog Cross-Site Scripting and Request Forgery Vulnerabilities Message-ID: <201106151735.p5FHZPeZ004308@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: miniblog Cross-Site Scripting and Request Forgery Vulnerabilities SECUNIA ADVISORY ID: SA44967 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44967/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44967 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44967/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44967/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44967 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in miniblog, which can be exploited by malicious people to conduct cross-site scripting and request forgery attacks. 1) Input passed via the "post_list" parameter to adm/list.php, the "error_text" parameter to adm/login.php, the "response_text" parameter to adm/options.php, adm/password.php, and adm/edit.php, and the "mode" parameter to adm/edit.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that "register_globals" is enabled. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add new posts by tricking a logged in administrative user into visiting a malicious web site. The vulnerabilities are confirmed in version 1.0.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23008: http://www.htbridge.ch/advisory/multiple_xss_in_miniblog.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 11:35:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 20:35:30 +0200 Subject: [SEC] [SA43811] Adobe Shockwave Player Multiple Vulnerabilities Message-ID: <201106151835.p5FIZUQw027225@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Adobe Shockwave Player Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43811 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43811/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43811 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/43811/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43811/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43811 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Shockwave Player, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error in dirapi.dll can be exploited to corrupt memory. 2) An unspecified error in dirapi.dll can be exploited to corrupt memory. 3) An unspecified error in dirapi.dll can be exploited to corrupt memory. 4) An unspecified error in dirapi.dll can be exploited to corrupt memory. 5) Unspecified errors in dirapi.dll can be exploited to corrupt memory. 6) An input validation error in dirapi.dll when calculating offsets into buffers based on various 16-bit values in rcsL chunks can be exploited to corrupt memory. 7) A logic error in dirapi.dll when a xtcL chunk is not present as expected results in use of uninitialised memory. 8) An integer overflow error in dirapi.dll when parsing certain 16-bit fields in rcsL chunks can be exploited to cause heap-based buffer overflows. 9) An error in dirapi.dll when parsing rcsL chunks can be exploited to cause a heap-based buffer overflow as a size value is calculating based on two pointer values without ensuring that the first pointer value is greater than the second pointer value. 10) An unspecified design flaw exists in an unspecified component. 11) An integer overflow error in dirapi.dll when parsing rcsL chunks can be exploited to cause a heap-based buffer overflow. 12) A boundary error in "Font Asset.x32" when parsing font-related structures can be exploited to cause stack-based buffer overflows. 13) Multiple unspecified errors exist in IML32.dll. 14) Integer overflow errors in a function used to calculate how much space is required for storing a specified amount of DEMX data of a specified type can be exploited to cause buffer overflows. 15) An integer overflow error in a function used to create a structure for storing DEMX data can be exploited to cause heap-based buffer overflows. 16) An error when allocating buffers based on sizes obtained from KEY* chunks can be exploited to cause a heap-based buffer overflow as an allocated buffer may not be sufficiently sized to contain the minimum amount of data being copied. 17) An integer underflow error in IML32.dll when e.g. decompressing embedded GIF images can be exploited to corrupt memory. 18) Missing input validation in TextXtra.x32 within a function designed to read data into a buffer based on size values obtained from DEMX chunks can be exploited to cause buffer overflows. 19) An error when extracting strings from embedded media objects can be exploited to write a NULL byte to an arbitrary memory location. 20) An error in dirapi.dll when parsing CASt chunks can be exploited to cause buffer overflows as size values are not properly checked before being used in a call to memmove(). 21) An integer overflow error in IML32.dll when allocating buffers to e.g. contain data from rcsL chunks can be exploited to cause a heap-based buffer overflow. 22) An integer overflow error in TextXtra.x32 when parsing text elements can be exploited to cause heap-based buffer overflows. 23) An integer overflow error when allocating memory for substructures within xtcL chunks can be exploited to cause heap-based buffer overflows. 24) An integer overflow error in the Shockwave3DAsset component when parsing DEMX chunks can be exploited to cause a heap-based buffer overflow. 25) Missing input validation within the parsing of certain structures in rcsL chunks can be exploited to corrupt memory as an offset is trusted when calculating a pointer value. 26) Multiple unspecified errors in IML32.dll can be exploited to corrupt memory. 27) An unspecified error in IML32.dll can be exploited to corrupt memory. 28) A logic error when attempting to reallocate memory based on DEMX data may result in memory not being reallocated as expected and can be exploited to cause heap-based buffer overflows. 29) An input validation error exists in the FLV ASSET Xtra component. 30) A logic error in dirapi.dll when parsing substructures within rcsL chunks can be exploited to trigger misallocation of buffers and cause heap-based buffer overflows. 31) An integer overflow error in the CursorAsset x32 component when parsing cursor structures can be exploited to cause a heap-based buffer overflow. 32) An integer overflow error in AudioMixer.x32 when parsing mixer structures can be exploited to cause a heap-based buffer overflow. 33) An unspecified error in dirapi.dll can be exploited to corrupt memory. 34) An integer overflow error exists in the Shockwave 3D Asset x32 component. 35) A logic error when attempting to allocate memory for DEMX data using overly large sizes may result in memory not being allocated as expected and can be exploited to corrupt memory. 36) An error in Dirapix.dll can be exploited to cause a buffer overflow. 37) An unspecified error can be exploited to cause a buffer overflow. 38) An unspecified error can be exploited to corrupt memory. 39) An input validation error when parsing DEMX chunks causes an invalid value to be used as a loop counter when writing data, which can be exploited to corrupt memory. Successful exploitation of the vulnerabilities allows execution of arbitrary code. The vulnerabilities are reported in version 11.5.9.620. Other versions may also be affected. SOLUTION: Update to version 11.6.0.626. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1-4, 36-38) Reported by the vendor. 5) The vendor credits Honggang Ren of Fortinet's Fortiguard Labs, Mark Yason of IBM X-Force Research, Aaron Portnoy and Logan Brown of TippingPoint DVLabs, Aniway via ZDI, Luigi Auriemma via iDefense. 6, 14, 15, 18, 28, 35, 39) Carsten Eiram, Secunia Research. 7, 8, 9, 11, 16, 17, 21, 22, 23, 30) Luigi Auriemma via ZDI. 10) The vendor credits Will Dormann, CERT/CC. 12, 31, 32) Sebastian Apelt via ZDI. 13) The vendor credits Aaron Portnoy and Logan Brown, TippingPoint DVLabs. 18) Binaryproof via ZDI. 19, 20) Luigi Auriemma and Donato Ferrante via ZDI. 24, 25) Aniway via ZDI. 26) The vendor credits Luigi Auriemma via iDefense and Rodrigo Rubira Branco of Qualys Vulnerability & Malware Research Team (VMRT). 27) The vendor credits Aaron Portnoy and Logan Brown, TippingPoint DVLabs. 29) The vendor credits Donato Ferrante via ZDI. 33) The vendor credits Celil ?n?ver, SignalSEC and BGA. 34) The vendor credits Luigi Auriemma via iDefense. ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/bulletins/apsb11-17.html Secunia Research: http://secunia.com/secunia_research/2011-40/ http://secunia.com/secunia_research/2011-42/ http://secunia.com/secunia_research/2011-43/ http://secunia.com/secunia_research/2011-44/ http://secunia.com/secunia_research/2011-45/ http://secunia.com/secunia_research/2011-46/ http://secunia.com/secunia_research/2011-47/ ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-200/ http://www.zerodayinitiative.com/advisories/ZDI-11-201/ http://www.zerodayinitiative.com/advisories/ZDI-11-202/ http://www.zerodayinitiative.com/advisories/ZDI-11-203/ http://www.zerodayinitiative.com/advisories/ZDI-11-204/ http://www.zerodayinitiative.com/advisories/ZDI-11-205/ http://www.zerodayinitiative.com/advisories/ZDI-11-206/ http://www.zerodayinitiative.com/advisories/ZDI-11-207/ http://www.zerodayinitiative.com/advisories/ZDI-11-208/ http://www.zerodayinitiative.com/advisories/ZDI-11-209/ http://www.zerodayinitiative.com/advisories/ZDI-11-210/ http://www.zerodayinitiative.com/advisories/ZDI-11-211/ http://www.zerodayinitiative.com/advisories/ZDI-11-212/ http://www.zerodayinitiative.com/advisories/ZDI-11-213/ http://www.zerodayinitiative.com/advisories/ZDI-11-214/ http://www.zerodayinitiative.com/advisories/ZDI-11-215/ http://www.zerodayinitiative.com/advisories/ZDI-11-216/ http://www.zerodayinitiative.com/advisories/ZDI-11-217/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 12:34:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 21:34:02 +0200 Subject: [SEC] [SA44941] Red Hat update for flash-plugin Message-ID: <201106151934.p5FJY2xf017649@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA44941 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44941/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44941 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44941/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44941/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44941 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA44964 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0869-1: https://rhn.redhat.com/errata/RHSA-2011-0869.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 13:33:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 22:33:28 +0200 Subject: [SEC] [SA44938] GraniteDS AMF3 Object Deserialization Vulnerability Message-ID: <201106152033.p5FKXSHW008131@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: GraniteDS AMF3 Object Deserialization Vulnerability SECUNIA ADVISORY ID: SA44938 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44938/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44938 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44938/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44938/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44938 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Wouter Coekaerts has reported a vulnerability in GraniteDS, which can be exploited by malicious people to compromise a vulnerable system. For more information see vulnerability #1: SA44922 The vulnerability is reported in versions prior to 2.2.1 GA. SOLUTION: Updated to version 2.2.1 GA. PROVIDED AND/OR DISCOVERED BY: Wouter Coekaerts ORIGINAL ADVISORY: GraniteDS: http://www.granitedataservices.com/granite-data-services-2-2-1-ga-released/ http://www.graniteds.org/jira/browse/GDS-868 Wouter Coekaerts: http://wouter.coekaerts.be/2011/amf-arbitrary-code-execution OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 14:27:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 23:27:09 +0200 Subject: [SEC] [SA44796] Debian update for rails Message-ID: <201106152127.p5FLR99H030735@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for rails SECUNIA ADVISORY ID: SA44796 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44796/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44796 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44796/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44796/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44796 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for rails. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA36600 SA37446 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2260-1: http://lists.debian.org/debian-security-announce/2011/msg00130.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 14:48:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 15 Jun 2011 23:48:25 +0200 Subject: [SEC] [SA44922] Adobe LiveCycle / BlazeDS Two Vulnerabilities Message-ID: <201106152148.p5FLmPIP019497@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Adobe LiveCycle / BlazeDS Two Vulnerabilities SECUNIA ADVISORY ID: SA44922 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44922/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44922 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44922/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44922/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44922 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Adobe LiveCycle and BlazeDS, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. 1) An error when handling AMF/AMFX data during object deserialization can be exploited to execute certain class methods. Successful exploitation may allow execution of arbitrary code. 2) An error when processing certain graph objects (e.g. JFrame class) can be exploited to cause a DoS. The vulnerabilities are reported in the following products: * LiveCycle Data Services 3.1, 2.6.1, 2.5.1, and earlier for Windows, Macintosh, and UNIX. * LiveCycle 9.0.0.2, 8.2.1.3, 8.0.1.3, and earlier for Windows, Linux, and UNIX. * BlazeDS 4.0.1 and earlier. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Wouter Coekaerts ORIGINAL ADVISORY: Adobe (APSB11-15): http://www.adobe.com/support/security/bulletins/apsb11-15.html Wouter Coekaerts: http://wouter.coekaerts.be/2011/amf-arbitrary-code-execution OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 15:14:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 00:14:18 +0200 Subject: [SEC] [SA44957] Fedora update for jabberd Message-ID: <201106152214.p5FMEIvT008467@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for jabberd SECUNIA ADVISORY ID: SA44957 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44957/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44957 RELEASE DATE: 2011-06-15 DISCUSS ADVISORY: http://secunia.com/advisories/44957/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44957/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44957 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for jabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44787 SOLUTION: Apply updated packages via the yum utility ("yum update jabberd"). ORIGINAL ADVISORY: FEDORA-2011-7805: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061458.html FEDORA-2011-7818: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061482.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 15:47:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 00:47:53 +0200 Subject: [SEC] [SA43884] Avaya IP Office Manager TFTP Directory Traversal Vulnerability Message-ID: <201106152247.p5FMlrbd030183@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Avaya IP Office Manager TFTP Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA43884 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43884/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43884 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/43884/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43884/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43884 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered a vulnerability in Avaya IP Office Manager, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to an input validation error when processing TFTP requests and can be exploited to download arbitrary files via directory traversal attacks. The vulnerability is reported in the following products (confirmed in Manager version 8.1 (5)): * Avaya B5800 Branch Gateway R6.1. * Avaya IP Office R6.1. * Avaya IP Office R7.0. SOLUTION: Apply updates (please see the vendor's advisory for details). Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Secunia Research. ORIGINAL ADVISORY: ASA-2011-156: https://support.avaya.com/css/P8/documents/100141179 Secunia Research: http://secunia.com/secunia_research/2011-39/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 16:13:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 01:13:48 +0200 Subject: [SEC] [SA43269] Adobe Reader / Acrobat Multiple Vulnerabilities Message-ID: <201106152313.p5FNDmHB019153@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Adobe Reader / Acrobat Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43269 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43269/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43269 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/43269/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43269/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43269 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Reader / Acrobat, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system. 1) An error in 3difr.x3d due to the component trusting the provided string length when processing certain files can be exploited to cause a stack-based buffer overflow. 2) An error in tesselate.x3d due to the component trusting the provided string length when processing certain files can be exploited to cause a stack-based buffer overflow. 3) An unspecified error can be exploited to cause a heap-based buffer overflow. 4) An integer overflow error in ACE.dll when parsing the "desc" ICC chunk can be exploited to corrupt memory via a specially crafted PDF file. 5) An unspecified error can be exploited to corrupt memory. 6) An unspecified error can be exploited to corrupt memory. 7) An error due to the application loading certain unspecified libraries in an insecure manner can be exploited to load arbitrary libraries by tricking a user into e.g. opening a file located on a remote WebDAV or SMB share. 8) Certain unspecified input is not properly sanitised and can be exploited to execute arbitrary script code. 9) An unspecified error can be exploited to bypass certain security restrictions. This vulnerability affects Adobe Reader and Acrobat X 10.x only. 10) An unspecified error can be exploited to corrupt memory. This vulnerability affects 8.x versions only. 11) An unspecified error can be exploited to corrupt memory. 12) An unspecified error can be exploited to corrupt memory. 13) An unspecified error can be exploited to corrupt memory. 14) The application bundles a vulnerable version of Adobe Flash Player. For more information: SA44590 SA44846 The vulnerabilities are reported in the following products: * Adobe Reader X (10.0.1) and earlier for Windows. * Adobe Reader X (10.0.3) and earlier for Macintosh. * Adobe Reader 9.4.4 and earlier for Windows and Macintosh. * Adobe Reader 8.2.6 and earlier for Windows and Macintosh. * Adobe Acrobat X (10.0.3) and earlier for Windows and Macintosh. * Adobe Acrobat 9.4.4 and earlier for Windows and Macintosh. * Adobe Acrobat 8.2.6 and earlier for Windows and Macintosh. SOLUTION: Apply updates (please see the vendor's advisory for details). Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1, 2) An anonymous person via ZDI. 4) Secunia Research. The vendor also credits: 3, 6) Tarjei Mandt, Norman. 5) Rodrigo Rubira Branco. 7) Mila Parkour. 8) Billy Rios, Google Security Team. 9) Christian Navarrete, CubilFelino Security Research Lab. 10) Tavis Ormandy, Google Security Team. 11) Brett Gervasoni, Sense of Security. 12) Will Dormann, CERT/CC. 13) James Quirk, Los Alamos, New Mexico. ORIGINAL ADVISORY: Adobe (APSB11-16): http://www.adobe.com/support/security/bulletins/apsb11-16.html Secunia Research: http://secunia.com/secunia_research/2011-41/ ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-218/ http://www.zerodayinitiative.com/advisories/ZDI-11-219/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 16:48:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 01:48:20 +0200 Subject: [SEC] [SA44950] Google Chrome Flash Player Unspecified Memory Corruption Vulnerability Message-ID: <201106152348.p5FNmKhu008521@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Google Chrome Flash Player Unspecified Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA44950 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44950/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44950 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44950/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44950/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44950 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a bundled vulnerable version of Adobe Flash Player. For more information: SA44964 SOLUTION: Update to version 12.0.742.100. PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day in Adobe Flash Player. ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.com/2011/06/stable-beta-channel-updates.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 17:15:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 02:15:53 +0200 Subject: [SEC] [SA44963] SUSE update for kernel Message-ID: <201106160015.p5G0Fr4P029961@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA44963 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44963/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44963 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44963/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44963/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44963 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA41220 SA41462 SA42035 SA43056 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0635-1: https://hermes.opensuse.org/messages/8762240 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 17:48:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 02:48:06 +0200 Subject: [SEC] [SA44964] Adobe Flash Player Unspecified Memory Corruption Vulnerability Message-ID: <201106160048.p5G0m6IZ019215@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Adobe Flash Player Unspecified Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA44964 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44964/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44964 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44964/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44964/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44964 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Adobe Flash Player, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error and can be exploited to corrupt memory. No further information is currently available. Successful exploitation allows execution of arbitrary code. NOTE: The vulnerability is reportedly being actively exploited in targeted attacks. The vulnerability is reported in the following versions: * Adobe Flash Player 10.3.181.23 and earlier versions for Windows, Macintosh, Linux and Solaris. * Adobe Flash Player 10.3.185.23 and earlier versions for Android. * Adobe Flash Player versions prior to 10.3.181.26 for Chrome. SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported as a 0-day. ORIGINAL ADVISORY: Adobe (APSB11-18): http://www.adobe.com/support/security/bulletins/apsb11-18.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 18:14:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 03:14:20 +0200 Subject: [SEC] [SA43013] Adobe ColdFusion Multiple Vulnerabilities Message-ID: <201106160114.p5G1EKQb008201@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Adobe ColdFusion Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43013 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43013/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43013 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/43013/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43013/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43013 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe ColdFusion, which can be exploited by malicious people to conduct cross-site request forgery attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) The administrative interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add a user with administrative privileges by tricking the logged in administrator into visiting a malicious web site. 2) An unspecified error can be exploited to cause a DoS. No further information is currently available. 3) Some vulnerabilities are caused due to vulnerabilities in the bundled version of Adobe BlazeDS. For more information: SA44922 The vulnerabilities are reported in versions 9.0.1, 9.0, 8.0.1, and 8.0 for Windows, Macintosh, and UNIX. SOLUTION: Apply updates (please see the vendor's advisory for details). Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) Sow Ching Shiong via Secunia 2) The vendor credits Pete Freitag, Foundeo ORIGINAL ADVISORY: Adobe (APSB11-14): http://www.adobe.com/support/security/bulletins/apsb11-14.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 18:47:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 03:47:49 +0200 Subject: [SEC] [SA44958] Fedora update for wireshark Message-ID: <201106160147.p5G1lnZQ029911@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for wireshark SECUNIA ADVISORY ID: SA44958 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44958/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44958 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44958/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44958/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44958 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44449 SOLUTION: Apply updated packages via the yum utility ("yum update wireshark"). ORIGINAL ADVISORY: FEDORA-2011-7846: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061437.html FEDORA-2011-7858: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061477.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 19:18:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 04:18:53 +0200 Subject: [SEC] [SA44898] Microsoft Windows SMB Client Response Parsing Vulnerability Message-ID: <201106160218.p5G2IreY020739@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows SMB Client Response Parsing Vulnerability SECUNIA ADVISORY ID: SA44898 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44898/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44898 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44898/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44898/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44898 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error in the Server Message Block (SMB) client and can be exploited via a specially crafted SMB response to a request. Successful exploitation allows execution of arbitrary code, but requires tricking a user into connecting to a malicious SMB server. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-043 (KB2536276): http://www.microsoft.com/technet/security/Bulletin/MS11-043.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 19:46:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 04:46:38 +0200 Subject: [SEC] [SA44874] PHP Form-Based File Upload Path Injection Vulnerability Message-ID: <201106160246.p5G2kcb9009790@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: PHP Form-Based File Upload Path Injection Vulnerability SECUNIA ADVISORY ID: SA44874 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44874/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44874 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44874/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44874/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44874 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Krzysztof Kotowicz has reported a vulnerability in PHP, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the "SAPI_POST_HANDLER_FUNC()" function in rfc1867.c when handling file names via a "multipart/form-data" POST request. This can be exploited to append a "/" or "\" character before the file name and e.g. delete files from the root directory. The vulnerability is reported in version 5.3.6. Other versions may also be affected. SOLUTION: Fixed in the SVN repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Krzysztof Kotowicz ORIGINAL ADVISORY: PHP: http://bugs.php.net/bug.php?id=54939 Krzysztof Kotowicz: http://pastebin.com/1edSuSVN OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 20:12:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 05:12:11 +0200 Subject: [SEC] [SA44873] Ubuntu update for gimp Message-ID: <201106160312.p5G3CBxj031140@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for gimp SECUNIA ADVISORY ID: SA44873 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44873/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44873 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44873/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44873/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44873 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA42771 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1147-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001350.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 20:47:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 05:47:47 +0200 Subject: [SEC] [SA44933] Microsoft Office for Mac Two Unspecified Vulnerabilities Message-ID: <201106160347.p5G3llsk020537@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Office for Mac Two Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA44933 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44933/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44933 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44933/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44933/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44933 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Office for Mac, which can be exploited by malicious people to compromise a user's system. For more information see vulnerabilities #2 and #4: SA44901 Successful exploitation allows execution of arbitrary code via specially crafted Excel files. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: MS11-045 (KB2537146, KB2555784): http://www.microsoft.com/technet/security/Bulletin/MS11-045.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 21:13:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 06:13:49 +0200 Subject: [SEC] [SA44733] Microsoft Windows OLE Automation WMF Image Parsing Vulnerability Message-ID: <201106160413.p5G4Dn75009519@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Windows OLE Automation WMF Image Parsing Vulnerability SECUNIA ADVISORY ID: SA44733 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44733/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44733 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44733/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44733/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44733 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in Object Linking and Embedding (OLE) Automation (oleaut32.dll) when parsing a Windows Metafile (WMF) images. Successful exploitation allows execution of arbitrary code via a specially crafted web page. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Yamata Li, Palo Alto Networks. ORIGINAL ADVISORY: MS11-038 (KB2476490): http://www.microsoft.com/technet/security/Bulletin/MS11-038.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 15 21:48:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 06:48:24 +0200 Subject: [SEC] [SA44870] Ubuntu update for libmodplug Message-ID: <201106160448.p5G4mOxN031266@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for libmodplug SECUNIA ADVISORY ID: SA44870 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44870/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44870 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44870/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44870/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44870 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libmodplug. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA44054 SA44388 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1148-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001351.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 10:34:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 19:34:22 +0200 Subject: [SEC] [SA44980] SUSE update for ConsoleKit Message-ID: <201106161734.p5GHYMx8015439@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for ConsoleKit SECUNIA ADVISORY ID: SA44980 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44980/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44980 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44980/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44980/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44980 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for ConsoleKit. This fixes a weakness, which can be exploited by malicious users to potentially gain escalated privileges. The weakness is caused due to improper handling of the "is-local" property and may lead to additional privileges being granted to remote users. SOLUTION: Apply updated packages via the zypper package manager. PROVIDED AND/OR DISCOVERED BY: Pierre Ossman within a Red Hat bug report. ORIGINAL ADVISORY: Red Hat Bug#585952: https://bugzilla.redhat.com/show_bug.cgi?id=585952 openSUSE-SU-2011:0639-1: https://hermes.opensuse.org/messages/8782872 SUSE-SU-2011:0638-1: https://hermes.opensuse.org/messages/8782891 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 11:35:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 20:35:37 +0200 Subject: [SEC] [SA44955] ClearSCADA Cross-Site Scripting and Buffer Overflow Vulnerabilities Message-ID: <201106161835.p5GIZbU1005991@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: ClearSCADA Cross-Site Scripting and Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA44955 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44955/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44955 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44955/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44955/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44955 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in ClearSCADA, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) A use-after-free error exists within the application, which can be exploited to cause a heap-based buffer overflow by sending overly long strings. Successful exploitation of this vulnerability may allow execution of arbitrary code. The vulnerabilities are reported the following products: * ClearSCADA 2005 (all versions) * ClearSCADA 2007 (all versions) * ClearSCADA 2009 (all versions except R2.3 and R1.4) SOLUTION: Update to a fixed version. Please see the CERT advisory for more information. PROVIDED AND/OR DISCOVERED BY: US-CERT credits Digital Bond. ORIGINAL ADVISORY: Digital Bond: http://www.digitalbond.com/scadapedia/vulnerability-notes/heap-overflow-vulnerability/ http://www.digitalbond.com/scadapedia/vulnerability-notes/control-microsystems-cross-site-scripting-vulnerability/ US-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-10-314-01A.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 12:35:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 21:35:46 +0200 Subject: [SEC] [SA44961] Siemens SIMATIC S7-1200 Controller Communication Replay and Denial of Service Message-ID: <201106161935.p5GJZks1028909@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Siemens SIMATIC S7-1200 Controller Communication Replay and Denial of Service SECUNIA ADVISORY ID: SA44961 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44961/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44961 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44961/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44961/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44961 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Siemens SIMATIC S7-1200, which can be exploited by malicious people to disclose sensitive information and cause a DoS (Denial of Service). 1) The engineering software sends unencrypted data to the Programmable Logic Controllers (PLC), which can be exploited to replay commands sent by the engineering software via e.g. Man-in-the-Middle (MitM) attacks. 2) An unspecified error within the web server can be exploited to cause a DoS. No further information is currently available. The vulnerabilities are reported in firmware version 02.00.02. Other versions may also be affected. SOLUTION: The vendor recommends to disable the web server. Reportedly, the vulnerabilities will be fixed in an upcoming version. PROVIDED AND/OR DISCOVERED BY: Dillon Beresford, NSS Labs. ORIGINAL ADVISORY: Siemens: http://support.automation.siemens.com/dnl/TY/TYzNTUxOQAA_50428932_Akt/Siemens_Security_Advisory_SSA-625789.pdf http://support.automation.siemens.com/WW/llisapi.dll?func=cslib.csinfo&lang=en&objid=50428932&caller=view Dillon Beresford: http://news.infracritical.com/pipermail/scadasec/2011-May/019934.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 13:34:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 22:34:26 +0200 Subject: [SEC] [SA44965] SUSE update for libvirt Message-ID: <201106162034.p5GKYQvk019359@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for libvirt SECUNIA ADVISORY ID: SA44965 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44965/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44965 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44965/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44965/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44965 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions. For more information: SA40758 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0643-1: https://hermes.opensuse.org/messages/8795083 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 14:29:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 23:29:31 +0200 Subject: [SEC] [SA44949] IBM Unica NetInsight "lo" Cross-Site Scripting Vulnerability Message-ID: <201106162129.p5GLTVMh009646@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: IBM Unica NetInsight "lo" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44949 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44949/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44949 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44949/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44949/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44949 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM Unica NetInsight, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "lo" parameter e.g. in "search/csass/search" is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Hernan Hegykozi and Ivan Sanchez. ORIGINAL ADVISORY: http://www.evilcode.com.ar/index.php/advisories/ibm-unica-netinsight-ibm-websites.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 14:53:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 16 Jun 2011 23:53:02 +0200 Subject: [SEC] [SA44966] N-13 News "id" and "pid" Cross-Site Scripting Vulnerabilities Message-ID: <201106162153.p5GLr2jN030908@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: N-13 News "id" and "pid" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44966 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44966/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44966 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44966/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44966/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44966 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in N-13 News, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "id" and "pid" parameters to admin.php (when "action" is set to "editcomments" and "edit" is set to "true") is not properly sanitised in modules/editcomments.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "pid" parameter to admin.php (when "action" is set to "editcomments" and "id" is set to a valid value) is not properly sanitised in modules/editcomments.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 4.0.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23005: http://www.htbridge.ch/advisory/multiple_xss_in_n_13_news.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 15:14:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 00:14:06 +0200 Subject: [SEC] [SA44944] Debian update for moodle Message-ID: <201106162214.p5GME6C9019672@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for moodle SECUNIA ADVISORY ID: SA44944 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44944/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44944 RELEASE DATE: 2011-06-16 DISCUSS ADVISORY: http://secunia.com/advisories/44944/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44944/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44944 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for moodle. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks and by malicious people to disclose certain sensitive information, conduct cross-site scripting, and cross-site request forgery attacks. For more information: SA43570 SA44630 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2262-1: http://www.debian.org/security/2011/dsa-2262 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 15:49:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 00:49:02 +0200 Subject: [SEC] [SA44134] Trend Micro Control Manager "ApHost" Cross-Site Scripting Vulnerability Message-ID: <201106162249.p5GMn2Fc009052@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Trend Micro Control Manager "ApHost" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44134 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44134/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44134 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44134/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44134/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44134 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sow Ching Shiong has discovered a vulnerability in Trend Micro Control Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "ApHost" parameter to /commoncgi/servlet/CCGIServlet is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 5.5 (Build 1250). Other versions may also be affected. SOLUTION: Apply hotfix 1435. Please contact the vendor for details. PROVIDED AND/OR DISCOVERED BY: Sow Ching Shiong via Secunia. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 16:14:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 01:14:41 +0200 Subject: [SEC] [SA44956] JustSystems Ichitaro Document Parsing Vulnerability Message-ID: <201106162314.p5GNEf0R030431@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: JustSystems Ichitaro Document Parsing Vulnerability SECUNIA ADVISORY ID: SA44956 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44956/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44956 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44956/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44956/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44956 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in JustSystems Ichitaro, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error while parsing certain documents. No further information is currently available. SOLUTION: Apply patch if available. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: JustSystems: http://www.justsystems.com/jp/info/js11001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 16:48:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 01:48:15 +0200 Subject: [SEC] [SA44924] SUSE update for flash-player Message-ID: <201106162348.p5GNmFeJ019742@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for flash-player SECUNIA ADVISORY ID: SA44924 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44924/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44924 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44924/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44924/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44924 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for flash-player. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA44964 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0637-1: https://hermes.opensuse.org/messages/8782873 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 17:16:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 02:16:25 +0200 Subject: [SEC] [SA44909] IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability Message-ID: <201106170016.p5H0GPtX008832@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44909 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44909/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44909 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44909/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44909/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44909 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Core Security Technologies has reported a vulnerability in IBM WebSphere Application Server, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. disable the administrative security option in the master configuration by tricking a logged in administrative user into visiting a malicious web site. The vulnerability is reported in version 7.0.0.11 and 7.0.0.13. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: Francisco Falcon, Core Security Technologies and Alejandro Rodriguez. ORIGINAL ADVISORY: CORE-2010-1021: http://www.coresecurity.com/content/IBM-WebSphere-CSRF OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 17:49:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 02:49:27 +0200 Subject: [SEC] [SA44939] Red Hat update for tigervnc Message-ID: <201106170049.p5H0nRxG030524@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for tigervnc SECUNIA ADVISORY ID: SA44939 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44939/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44939 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44939/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44939/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44939 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for tigervnc. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information. The security issue is caused due to the vncviewer not properly validating the X.509 certificate of a TLS VNC server before providing client credentials. This can be exploited to e.g. disclose logon credentials of a user by tricking the user into connecting to a malicious server. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Brian Hinz ORIGINAL ADVISORY: Tigervnc-devel: http://www.mail-archive.com/tigervnc-devel at lists.sourceforge.net/msg01342.html RHSA-2011:0871-01: https://rhn.redhat.com/errata/RHSA-2011-0871.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 18:15:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 03:15:25 +0200 Subject: [SEC] [SA44971] Debian update for redmine Message-ID: <201106170115.p5H1FP1q019492@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for redmine SECUNIA ADVISORY ID: SA44971 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44971/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44971 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44971/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44971/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44971 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for redmine. This fixes some vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct script insertion attacks and compromise a vulnerable system. For more information: SA42741 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2261-1: http://lists.debian.org/debian-security-announce/2011/msg00131.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 18:49:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 03:49:27 +0200 Subject: [SEC] [SA44977] Fedora update for tomboy Message-ID: <201106170149.p5H1nRTM008850@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Fedora update for tomboy SECUNIA ADVISORY ID: SA44977 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44977/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44977 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44977/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44977/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44977 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for tomboy. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA26480 SOLUTION: Apply updated packages via the yum utility ("yum update tomboy"). ORIGINAL ADVISORY: FEDORA-2011-7994: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061553.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 19:24:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 04:24:17 +0200 Subject: [SEC] [SA44953] N-13 News Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201106170224.p5H2OHBt031115@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: N-13 News Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44953 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44953/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44953 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44953/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44953/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44953 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in N-13 News, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "id" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "parent" POST parameter to index.php (when "rating" is set to "true") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "id" parameter to admin.php (when "action" is set to "options", "edit" is set to "true", and "mod" is set to "newscats") is not properly sanitised in modules/modcategories.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Input passed via the "catid" parameter to admin.php (when "action" is set to "options", "edit" is set to "true", and "mod" is set to "imageuploads") is not properly sanitised in modules/modimageuploads.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 4.0.1. Prior versions may also be affected. SOLUTION: Update to version 4.0.2. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23005: http://www.htbridge.ch/advisory/multiple_xss_in_n_13_news.html http://network-13.com/thread/3461-1-N-13-News-4-0-2-available-for-download OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 19:48:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 04:48:07 +0200 Subject: [SEC] [SA44974] Ubuntu update for nagios3 Message-ID: <201106170248.p5H2m7nC019992@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for nagios3 SECUNIA ADVISORY ID: SA44974 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44974/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44974 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44974/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44974/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44974 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for nagios3. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA43287 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1151-1: http://www.ubuntu.com/usn/usn-1151-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 20:13:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 05:13:51 +0200 Subject: [SEC] [SA44936] DJabberd Nested XML Entities Denial of Service Vulnerability Message-ID: <201106170313.p5H3Dp2m008968@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: DJabberd Nested XML Entities Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44936 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44936/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44936 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44936/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44936/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44936 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Wouter Coekaerts has reported a vulnerability in DJabberd, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the parsing of certain XML input, which can be exploited to e.g. cause a high CPU and memory consumption via heavily nested XML entities. The vulnerability is reported in versions prior to 0.85. SOLUTION: Update to version 0.85. PROVIDED AND/OR DISCOVERED BY: Wouter Coekaerts ORIGINAL ADVISORY: DJabberd: http://groups.google.com/group/djabberd/browse_thread/thread/47974331c37e54c5 Wouter Coekaerts: http://wouter.coekaerts.be/2011/jabber-dos OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 20:50:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 05:50:12 +0200 Subject: [SEC] [SA44877] IBM Lotus Notes KeyView File Processing Vulnerabilities Message-ID: <201106170350.p5H3oC3n030810@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: IBM Lotus Notes KeyView File Processing Vulnerabilities SECUNIA ADVISORY ID: SA44877 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44877/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44877 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44877/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44877/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44877 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system. For more information: SA44820 SOLUTION: Do not open documents from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Will Dormann and Jared Allar, CERT/CC. ORIGINAL ADVISORY: US-CERT (VU#126159): http://www.kb.cert.org/vuls/id/126159 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 16 21:14:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 06:14:21 +0200 Subject: [SEC] [SA44835] Polycom SoundPoint IP Phones Information Disclosure Vulnerability Message-ID: <201106170414.p5H4ELwm019694@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Polycom SoundPoint IP Phones Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA44835 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44835/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44835 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44835/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44835/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44835 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Polycom SoundPoint IP Phones, which can be exploited by malicious people to disclose sensitive information. The vulnerability is caused due to the application allowing access to the reg_1.html configuration file without verifying credentials and can be exploited to e.g. disclose certain SIP information. The vulnerability is reported in firmware versions prior to 3.2.x. SOLUTION: Update to firmware version 3.2.x or later. PROVIDED AND/OR DISCOVERED BY: Pr0T3cT10n OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 10:33:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 19:33:56 +0200 Subject: [SEC] [SA44923] Microsoft Word Insufficient Pointer Validation Vulnerability Message-ID: <201106171733.p5HHXu6n011054@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Microsoft Word Insufficient Pointer Validation Vulnerability SECUNIA ADVISORY ID: SA44923 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44923/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44923 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44923/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44923/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44923 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Protek Research Lab's has discovered a vulnerability in Microsoft Word, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a certain value in a document being used as a pointer, which can be exploited to corrupt memory via a specially crafted document. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 10.6866.6870. Other versions may also be affected. SOLUTION: Do not open Office files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Francis Provencher, Protek Research Lab's. ORIGINAL ADVISORY: http://www.protekresearchlab.com/index.php?option=com_content&view=article&id=27&Itemid=27 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 11:34:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 20:34:38 +0200 Subject: [SEC] [SA44987] WeBid "maxprice" SQL Injection Vulnerability Message-ID: <201106171834.p5HIYcli001530@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: WeBid "maxprice" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44987 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44987/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44987 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44987/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44987/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44987 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in WeBid, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "maxprice" parameter to adsearch.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: This can further be exploited to conduct script insertion attacks. The vulnerability is confirmed in version 1.0.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Saif El-Sherei OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 12:33:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 21:33:52 +0200 Subject: [SEC] [SA44927] NetBSD 802.11 "IEEE80211_IOC_CHANINFO" IOCTL Signedness Weakness Message-ID: <201106171933.p5HJXq8j024476@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: NetBSD 802.11 "IEEE80211_IOC_CHANINFO" IOCTL Signedness Weakness SECUNIA ADVISORY ID: SA44927 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44927/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44927 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44927/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44927/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44927 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in NetBSD, which can be exploited by malicious, local users to disclose certain system information. The weakness is caused due to a signedness error in sys/net80211/ieee80211_ioctl.c when handling the "IEEE80211_IOC_CHANINFO" IOCTL and can be exploited to disclose some kernel memory. Successful exploitation requires a non-x86 based platform. SOLUTION: Fixed in the CVS repository. PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: http://seclists.org/oss-sec/2011/q2/623 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 13:34:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 22:34:10 +0200 Subject: [SEC] [SA44925] iPUX ICS1033 Undocumented Account Security Issue Message-ID: <201106172034.p5HKYAf2014992@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: iPUX ICS1033 Undocumented Account Security Issue SECUNIA ADVISORY ID: SA44925 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44925/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44925 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44925/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44925/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44925 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in iPUX ICS1033, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the appliance including an undocumented "productmaker" account with default credentials. This can be exploited to gain access to the web and Telnet interfaces and e.g. conduct command injection attacks. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Roberto Paleari ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-06/0064.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 14:29:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 23:29:20 +0200 Subject: [SEC] [SA44903] TRENDnet TV-IP422W Undocumented Account Security Issue Message-ID: <201106172129.p5HLTKdX005266@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: TRENDnet TV-IP422W Undocumented Account Security Issue SECUNIA ADVISORY ID: SA44903 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44903/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44903 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44903/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44903/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44903 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in TRENDnet TV-IP422W, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the appliance including an undocumented "productmaker" account with default credentials. This can be exploited to gain access to the web and Telnet interfaces and e.g. conduct command injection attacks. SOLUTION: Update to the latest firmware when available. Please contact the vendor for more details. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Roberto Paleari ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-06/0064.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 14:49:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 17 Jun 2011 23:49:25 +0200 Subject: [SEC] [SA45000] FreeBSD 802.11 "IEEE80211_IOC_CHANINFO" IOCTL Signedness Weakness Message-ID: <201106172149.p5HLnPx8026402@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: FreeBSD 802.11 "IEEE80211_IOC_CHANINFO" IOCTL Signedness Weakness SECUNIA ADVISORY ID: SA45000 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45000/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45000 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/45000/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45000/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45000 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in FreeBSD, which can be exploited by malicious, local users to disclose certain system information. For more information: SA44927 SOLUTION: Fixed in the CVS repository. PROVIDED AND/OR DISCOVERED BY: Dan Rosenberg ORIGINAL ADVISORY: http://seclists.org/oss-sec/2011/q2/623 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 15:13:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 00:13:15 +0200 Subject: [SEC] [SA44952] Group-Office Multiple SQL Injection Vulnerabilities Message-ID: <201106172213.p5HMDFLa015288@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Group-Office Multiple SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA44952 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44952/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44952 RELEASE DATE: 2011-06-17 DISCUSS ADVISORY: http://secunia.com/advisories/44952/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44952/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44952 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Group-Office, which can be exploited by malicious users to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in versions prior to 3.7.23. SOLUTION: Update to version 3.7.23. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://freshmeat.net/projects/group-office/releases/333175 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 15:48:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 00:48:55 +0200 Subject: [SEC] [SA44972] Mozilla Firefox WebGL Graphics Memory Information Disclosure Weakness Message-ID: <201106172248.p5HMmtSJ004695@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Mozilla Firefox WebGL Graphics Memory Information Disclosure Weakness SECUNIA ADVISORY ID: SA44972 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44972/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44972 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44972/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44972/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44972 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Context has reported a weakness in Mozilla Firefox, which can be exploited by malicious people to disclose potentially sensitive information. An unspecified error in the WebGL implementation can be exploited to disclose certain information e.g. screenshots of a victim's desktop. The weakness is reported in version 4.0.1. Other versions may also be affected. SOLUTION: The vendor recommends to disable WebGL. The vendor has scheduled a fix for 2011-06-21. PROVIDED AND/OR DISCOVERED BY: Context. ORIGINAL ADVISORY: Mozilla: http://blog.mozilla.com/security/2011/06/16/webgl-graphics-memory-stealing-issue/ Context: http://www.contextis.com/resources/blog/webgl2/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 16:14:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 01:14:40 +0200 Subject: [SEC] [SA44918] Digicom IP CAMERA 100W Undocumented Account Security Issue Message-ID: <201106172314.p5HNEehH026090@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Digicom IP CAMERA 100W Undocumented Account Security Issue SECUNIA ADVISORY ID: SA44918 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44918/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44918 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44918/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44918/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44918 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Digicom IP CAMERA 100W, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the appliance including an undocumented "productmaker" account with default credentials. This can be exploited to gain access to the web and Telnet interfaces and e.g. conduct command injection attacks. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Roberto Paleari ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-06/0064.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 16:49:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 01:49:16 +0200 Subject: [SEC] [SA44942] Ubuntu update for openjdk-6 Message-ID: <201106172349.p5HNnG77015447@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for openjdk-6 SECUNIA ADVISORY ID: SA44942 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44942/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44942 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44942/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44942/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44942 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for openjdk-6. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system. For more information: SA44784 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1154-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001355.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 17:16:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 02:16:24 +0200 Subject: [SEC] [SA44921] IBM Tivoli Business Service Manager Security Bypass Vulnerability Message-ID: <201106180016.p5I0GOli004476@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: IBM Tivoli Business Service Manager Security Bypass Vulnerability SECUNIA ADVISORY ID: SA44921 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44921/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44921 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44921/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44921/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44921 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM Tivoli Business Service Manager, which can be exploited by malicious people to bypass certain security restrictions. For more information see vulnerability #4: SA39838 The vulnerability is reported in version 4.2.1. SOLUTION: Apply Fix Pack 3 when it becomes available. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21502805 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 17:49:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 02:49:01 +0200 Subject: [SEC] [SA44959] Red Hat Network Satellite Server Cross-Site Request Forgery Vulnerability Message-ID: <201106180049.p5I0n1kJ026166@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat Network Satellite Server Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44959 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44959/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44959 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44959/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44959/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44959 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has acknowledged a vulnerability in Red Hat Network Satellite Server, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. create new user accounts or grant administrative privileges to user accounts when a logged-in user visits a specially crafted web page. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Christian Johansson, Bitsec AB and Thomas Biege, SUSE Security Team. ORIGINAL ADVISORY: RHSA-2011:0879-01: https://rhn.redhat.com/errata/RHSA-2011-0879.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 18:15:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 03:15:53 +0200 Subject: [SEC] [SA44960] Red Hat update for jabberd Message-ID: <201106180115.p5I1Frfv015176@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for jabberd SECUNIA ADVISORY ID: SA44960 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44960/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44960 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44960/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44960/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44960 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for jabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44787 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0881-1: https://rhn.redhat.com/errata/RHSA-2011-0881.html RHSA-2011:0882-1: https://rhn.redhat.com/errata/RHSA-2011-0882.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 18:48:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 03:48:48 +0200 Subject: [SEC] [SA44999] GNU Troff "pdfroff" Script Insecure Temporary File Creation Message-ID: <201106180148.p5I1mmoT004472@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: GNU Troff "pdfroff" Script Insecure Temporary File Creation SECUNIA ADVISORY ID: SA44999 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44999/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44999 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44999/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44999/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44999 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in GNU Troff, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerability is caused due to the "pdfroff" script creating temporary files insecurely. This can be exploited via symlink attacks to create or overwrite arbitrary files with the privileges of the user executing the vulnerable script. The vulnerability is reported in version 1.20. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Reported in a Debian bug report by Brian M. Carlson. ORIGINAL ADVISORY: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538330 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 19:18:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 04:18:55 +0200 Subject: [SEC] [SA44985] Ubuntu update for libxml2 Message-ID: <201106180218.p5I2It6u026506@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for libxml2 SECUNIA ADVISORY ID: SA44985 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44985/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44985 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44985/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44985/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44985 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libxml2. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA44711 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1153-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001354.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 19:48:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 04:48:40 +0200 Subject: [SEC] [SA44945] Debian update for movabletype-opensource Message-ID: <201106180248.p5I2meqw015656@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Debian update for movabletype-opensource SECUNIA ADVISORY ID: SA44945 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44945/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44945 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44945/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44945/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44945 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for movabletype-opensource. This fixes two vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, and manipulate certain data. For more information: SA44715 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2263-1: http://lists.debian.org/debian-security-announce/2011/msg00133.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 20:13:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 05:13:30 +0200 Subject: [SEC] [SA43861] SUSE update for groff Message-ID: <201106180313.p5I3DUso004572@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for groff SECUNIA ADVISORY ID: SA43861 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43861/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43861 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/43861/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43861/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43861 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for groff. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA44999 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0642-1: https://hermes.opensuse.org/messages/8795084 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 20:48:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 05:48:25 +0200 Subject: [SEC] [SA44991] OpenVZ update for kernel Message-ID: <201106180348.p5I3mP84026370@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: OpenVZ update for kernel SECUNIA ADVISORY ID: SA44991 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44991/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44991 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44991/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44991/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44991 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: OpenVZ has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS (Denial of Service). For more information: SA42400 SA42963 SA43363 SOLUTION: Update kernel branch RHEL4 to version 023stab054.1. ORIGINAL ADVISORY: http://wiki.openvz.org/Download/kernel/rhel4/023stab054.1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 21:15:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 06:15:07 +0200 Subject: [SEC] [SA44984] Ubuntu update for libvirt Message-ID: <201106180415.p5I4F7h0015379@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Ubuntu update for libvirt SECUNIA ADVISORY ID: SA44984 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44984/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44984 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44984/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44984/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44984 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for libvirt. This fixes two vulnerabilities, which can be exploited by malicious, local users in a guest system to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service). For more information: SA40758 SA43670 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1152-1: http://www.ubuntu.com/usn/usn-1152-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 21:48:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 06:48:27 +0200 Subject: [SEC] [SA44978] SUSE update for php5 Message-ID: <201106180448.p5I4mRc1004679@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: SUSE update for php5 SECUNIA ADVISORY ID: SA44978 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44978/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44978 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44978/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44978/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44978 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for php5. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA43328 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0645-1: https://hermes.opensuse.org/messages/8803093 SUSE-SU-2011:0647-1: https://hermes.opensuse.org/messages/8815486 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 17 22:13:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 07:13:34 +0200 Subject: [SEC] [SA44107] Hitachi Web Server Directory Indexes Denial of Service Vulnerability Message-ID: <201106180513.p5I5DYbF026047@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Hitachi Web Server Directory Indexes Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44107 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44107/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44107 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44107/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44107/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44107 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Hitachi Web Server, which can be exploited by malicious people to cause a DoS (Denial of Service). An unspecified error related to the Directory Indexes feature can be exploited to cause a DoS. No further information is currently available. Please see the vendor's advisory for the list of affected versions. SOLUTION: Update to a fixed version. Please see the vendor's advisory for more details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-011/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jun 18 10:34:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 19:34:21 +0200 Subject: [SEC] [SA44968] e107 "user_field" SQL Injection Vulnerability Message-ID: <201106181734.p5IHYLR0014730@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: e107 "user_field" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44968 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44968/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44968 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44968/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44968/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44968 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in e107, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the "user_field" parameter in e107_admin/users_extended.php (when e.g. "add_category" is set) is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires administrative permissions to "Moderate users/bans etc." and that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 0.7.25. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23004: http://www.htbridge.ch/advisory/multiple_vulnerabilities_in_e107_1.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Jun 18 11:34:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 18 Jun 2011 20:34:15 +0200 Subject: [SEC] [SA44954] Red Hat update for java-1.6.0-ibm Message-ID: <201106181834.p5IIYF7E005208@CRON-IX-2.intnet> ---------------------------------------------------------------------- Join Secunia @ FIRST Conference, 12-17 June, Hilton Vienna, Austria See to the presentation "The Dynamics and Threats of End-Point Software Portfolios" by Secunia's Research Analyst Director, Stefan Frei. Read more: http://conference.first.org/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-ibm SECUNIA ADVISORY ID: SA44954 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44954/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44954 RELEASE DATE: 2011-06-18 DISCUSS ADVISORY: http://secunia.com/advisories/44954/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44954/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44954 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA43295 SA41882 SA38355 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0880-1: https://rhn.redhat.com/errata/RHSA-2011-0880.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 10:33:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Jun 2011 19:33:21 +0200 Subject: [SEC] [SA44962] Joomla! Core Design Scriptegrator Unspecified File Inclusion Vulnerability Message-ID: <201106201733.p5KHXLNn021916@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Joomla! Core Design Scriptegrator Unspecified File Inclusion Vulnerability SECUNIA ADVISORY ID: SA44962 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44962/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44962 RELEASE DATE: 2011-06-20 DISCUSS ADVISORY: http://secunia.com/advisories/44962/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44962/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44962 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Core Design Scriptegrator plugin for Joomla!, which can be exploited by malicious people to disclose sensitive information. Certain unspecified input is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is reported in versions prior to 2.0.9. SOLUTION: Update to version 2.0.9. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.greatjoomla.com/extensions/changelog/core-design-scriptegrator-plugin.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 11:32:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Jun 2011 20:32:43 +0200 Subject: [SEC] [SA44997] Joomla! Component Calc Builder "id" SQL Injection Vulnerability Message-ID: <201106201832.p5KIWhUO012411@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Joomla! Component Calc Builder "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44997 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44997/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44997 RELEASE DATE: 2011-06-20 DISCUSS ADVISORY: http://secunia.com/advisories/44997/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44997/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44997 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Calc Builder component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to index.php (when "option" is set to "com_calcbuilder", "controller" is set to "calcbuilder", and "format" is set to "raw") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 0.0.1. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Chip D3 Bi0s OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 12:33:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Jun 2011 21:33:35 +0200 Subject: [SEC] [SA45026] vBulletin vBExperience Module "sort" Cross-Site Scripting Vulnerability Message-ID: <201106201933.p5KJXZSm002938@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: vBulletin vBExperience Module "sort" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45026 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45026/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45026 RELEASE DATE: 2011-06-20 DISCUSS ADVISORY: http://secunia.com/advisories/45026/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45026/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45026 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the vBExperience module for vBulletin, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information see vulnerability #2 in: SA44806 SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Mr.ThieF ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/102370/xperience4-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 13:32:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Jun 2011 22:32:24 +0200 Subject: [SEC] [SA44989] SUSE update for unixODBC Message-ID: <201106202032.p5KKWO1o025815@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for unixODBC SECUNIA ADVISORY ID: SA44989 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44989/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44989 RELEASE DATE: 2011-06-20 DISCUSS ADVISORY: http://secunia.com/advisories/44989/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44989/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44989 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for unixODBC. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library. For more information: SA43679 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0655-1: https://hermes.opensuse.org/messages/8898180 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 14:26:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Jun 2011 23:26:46 +0200 Subject: [SEC] [SA44951] Mozilla Firefox Firebug Extension Net Panel Cross-Context Scripting Vulnerability Message-ID: <201106202126.p5KLQkcH016085@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Mozilla Firefox Firebug Extension Net Panel Cross-Context Scripting Vulnerability SECUNIA ADVISORY ID: SA44951 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44951/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44951 RELEASE DATE: 2011-06-20 DISCUSS ADVISORY: http://secunia.com/advisories/44951/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44951/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44951 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: 5up3rh3i has discovered a vulnerability in the Firebug extension for Mozilla Firefox, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the HTML parser when handling certain script code and can be exploited to e.g. execute arbitrary script code within the "chrome:" context by tricking a user into visiting a malicious website and viewing the HTML output via the Net panel. The vulnerability is confirmed in version 1.7.2. Other versions may also be affected. SOLUTION: Do not visit untrusted websites when using the extension. PROVIDED AND/OR DISCOVERED BY: 5up3rh3i ORIGINAL ADVISORY: http://www.80vul.com/firefox/Firebug%20Firefox%20Extension%20Cross%20Context%20Scripting%20Vulnerability.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 14:47:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 20 Jun 2011 23:47:46 +0200 Subject: [SEC] [SA45010] SUSE update for SUSE Manager Message-ID: <201106202147.p5KLlk8i004831@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for SUSE Manager SECUNIA ADVISORY ID: SA45010 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45010/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45010 RELEASE DATE: 2011-06-20 DISCUSS ADVISORY: http://secunia.com/advisories/45010/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45010/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45010 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for SUSE Manager. This fixes a weakness and a vulnerability, which can be exploited by malicious people to conduct spoofing and cross-site request forgery attacks. For more information: SA44959 1) Input passed via the "url_bounce" parameter to the log-in page is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected page hosted on a trusted domain. SOLUTION: Apply updated packages via the zypper package manager. Please see vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: SUSE-SU-2011:0653-1: https://hermes.opensuse.org/messages/8898155 Tom's Random Thoughts Blog: http://thetoms-random-thoughts.blogspot.com/2011/06/suse-manager-security-update.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 15:12:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 00:12:29 +0200 Subject: [SEC] [SA44990] Sunway pNetPower AngelServer Buffer Overflow Vulnerability Message-ID: <201106202212.p5KMCTZT026182@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Sunway pNetPower AngelServer Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44990 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44990/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44990 RELEASE DATE: 2011-06-20 DISCUSS ADVISORY: http://secunia.com/advisories/44990/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44990/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44990 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sunway pNetPower, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the AngelServer component and can be exploited to cause a heap-based buffer overflow via a specially crafted UDP packet. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 6.1. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Dillon Beresford, NSS Labs. ORIGINAL ADVISORY: http://www.sunwayland.com.cn/news_info_.asp?Nid=3593 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 15:47:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 00:47:07 +0200 Subject: [SEC] [SA44979] EQDKP Plus MediaCenter File Upload Vulnerability Message-ID: <201106202247.p5KMl7YI015569@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: EQDKP Plus MediaCenter File Upload Vulnerability SECUNIA ADVISORY ID: SA44979 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44979/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44979 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44979/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44979/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44979 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in EQDKP Plus, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to the plugins/mediacenter/upload.php script not properly verifying uploaded file types in plugins/mediacenter/include/mediacenter.class.php. This can be exploited to upload e.g. PHP3 files and execute arbitrary PHP code. Successful exploitation requires the "Insert Video" permissions and that the "MediaCenter" plugin is enabled (disabled by default). The vulnerability is confirmed in version 0.6.4.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: HI-TECH ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-06/0389.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 16:12:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 01:12:45 +0200 Subject: [SEC] [SA45033] Sunway ForceControl WebServer Buffer Overflow Vulnerability Message-ID: <201106202312.p5KNCj2W004531@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Sunway ForceControl WebServer Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45033 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45033/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45033 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/45033/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45033/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45033 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sunway ForceControl, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in the WebServer component (httpsvr.exe) and can be exploited to cause a heap-based buffer overflow via a specially crafted URL sent in a web request. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 6.1 SP1, SP2, and SP3. SOLUTION: Apply patches (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Dillon Beresford, NSS Labs. ORIGINAL ADVISORY: http://www.sunwayland.com.cn/news_info_.asp?Nid=3593 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 16:46:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 01:46:56 +0200 Subject: [SEC] [SA45023] Blue Coat ProxySG Core File Information Disclosure Weakness Message-ID: <201106202346.p5KNkuto026305@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Blue Coat ProxySG Core File Information Disclosure Weakness SECUNIA ADVISORY ID: SA45023 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45023/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45023 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/45023/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45023/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45023 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Blue Coat ProxySG, which can be exploited by malicious, local users to disclose sensitive information. The weakness is caused due to the application storing certain unencrypted information e.g. keys and end user authentication data in generated core files. The weakness is reported in versions 6.1 and 6.2. SOLUTION: Updated to a fixed version if available. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://kb.bluecoat.com/index?page=content&id=SA56 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 17:14:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 02:14:57 +0200 Subject: [SEC] [SA44993] Wing FTP Server SSH Public Key Authentication Weakness Message-ID: <201106210014.p5L0Evtm015403@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Wing FTP Server SSH Public Key Authentication Weakness SECUNIA ADVISORY ID: SA44993 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44993/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44993 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44993/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44993/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44993 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Wing FTP Server, which can be exploited by malicious users to bypass certain security restrictions. The weakness is caused due to an error within the SSH authentication mechanism when restricted to public key authentication only and can be exploited to login using a password regardless of the configured restriction. The weakness is reported in versions prior to 3.8.8. SOLUTION: Update to version 3.8.8. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.wftpserver.com/serverhistory.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 17:47:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 02:47:03 +0200 Subject: [SEC] [SA44994] WeblyGo Unspecified Cross-Site Scripting Vulnerability Message-ID: <201106210047.p5L0l3hp004642@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: WeblyGo Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44994 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44994/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44994 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44994/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44994/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44994 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in WeblyGo, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input passed to the application is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 5.20. Please see vendor's advisory for details about affected versions. SOLUTION: Update to version 5.20. PROVIDED AND/OR DISCOVERED BY: JVN credits Yoshihiro Ishikawa, LAC. ORIGINAL ADVISORY: JVN#43386477: http://jvn.jp/en/jp/JVN43386477/index.html JVNDB-2011-000042: http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000042.html WeblyGo Update (Japanese): http://www.kbs.co.jp/jp/tabid/254/Default.aspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 20 18:12:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 03:12:29 +0200 Subject: [SEC] [SA44975] Debian update for linux-2.6 Message-ID: <201106210112.p5L1CTPt026017@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Debian update for linux-2.6 SECUNIA ADVISORY ID: SA44975 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44975/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44975 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44975/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44975/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44975 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for linux-2.6. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to conduct DNS cache poisoning attacks, disclose system information, disclose potentially sensitive information, bypass certain security restrictions, potentially gain escalated privileges, or cause a DoS (Denial of Service), by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA40691 SA42035 SA42061 SA43009 SA43358 SA43537 SA43576 SA43594 SA43693 SA43716 SA43806 SA43841 SA43846 SA44164 SA44220 SA44248 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2264-1: http://www.us.debian.org/security/2011/dsa-2264 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 10:32:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 19:32:34 +0200 Subject: [SEC] [SA44728] Sitemagic CMS "SMExt" Cross-Site Scripting Vulnerability Message-ID: <201106211732.p5LHWYkd026013@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Sitemagic CMS "SMExt" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44728 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44728/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44728 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44728/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44728/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44728 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krstic has discovered a vulnerability in Sitemagic CMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "SMExt" parameter to index.php is not properly sanitised in base/SMController.class.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2010.04.17. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic. ORIGINAL ADVISORY: ZSL-2011-5020: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5020.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 11:32:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 20:32:34 +0200 Subject: [SEC] [SA44982] Mozilla Firefox / Thunderbird Multiple Vulnerabilities Message-ID: <201106211832.p5LIWYfM016529@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Mozilla Firefox / Thunderbird Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44982 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44982/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44982 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44982/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44982/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44982 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA44972 1) Some unspecified errors can be exploited to corrupt memory. No further information is currently available. This vulnerability affects Firefox 3.6.x only. 2) A use-after-free error in the "nsSVGPathSegList::ReplaceItem()" method when processing SVG element lists can be exploited to access an invalid element list when a user supplied callback deletes an object. 3) A use-after-free error in the "nsSVGPointList::AppendElement()" method when processing SVG element lists can be exploited to access an invalid element list when a user supplied callback deletes an object. 4) A use-after-free error in "nsXULCommandDispatcher" when processing XUL documents can be exploited to remove the currently used command updater. Successful exploitation of vulnerabilities #1 - #4 may allow execution of arbitrary code. 5) An error when handling cookies for two domains where one contains a trailing dot character can be exploited to bypass the same-origin policy and disclose a cookie to a third party. The vulnerabilities are reported in the following products: * Firefox versions prior to 3.6.18. * Thunderbird versions prior to 3.1.11. SOLUTION: Update to Firefox version 3.6.18 and Thunderbird version 3.1.11. PROVIDED AND/OR DISCOVERED BY: The vendor credits the following people: 1) Luke Wagner and Gary Kwong. 2 - 4) regenrecht via ZDI. 5) David Chan, Mozilla Security Researcher. ORIGINAL ADVISORY: http://www.mozilla.org/security/announce/2011/mfsa2011-19.html http://www.mozilla.org/security/announce/2011/mfsa2011-20.html http://www.mozilla.org/security/announce/2011/mfsa2011-21.html http://www.mozilla.org/security/announce/2011/mfsa2011-22.html http://www.mozilla.org/security/announce/2011/mfsa2011-23.html http://www.mozilla.org/security/announce/2011/mfsa2011-24.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 12:32:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 21:32:09 +0200 Subject: [SEC] [SA45009] DokuWiki "rss" Script Insertion Vulnerability Message-ID: <201106211932.p5LJW99u007022@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: DokuWiki "rss" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA45009 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45009/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45009 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/45009/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45009/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45009 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in DokuWiki, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "rss" tag when adding a RSS link is not properly sanitised before being displayed. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed. Successful exploitation requires rights to create or modify content. The vulnerability is reported in versions 2010-11-07a and 2011-05-25. Prior versions may also be affected. SOLUTION: Update to version 2011-05-25a. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hotfix Release 2011-05-25a Rincewind: http://www.freelists.org/post/dokuwiki/Hotfix-Release-20110525a-Rincewind GIT Commit: https://github.com/splitbrain/dokuwiki/commit/b52b15965611fc865058c0331b55e4e9bccabd2e OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 13:32:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 22:32:02 +0200 Subject: [SEC] [SA44824] CIDWeb "RefreshSecs" and "RefreshPage" Cross-Site Scripting Vulnerabilities Message-ID: <201106212032.p5LKW2lB029920@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: CIDWeb "RefreshSecs" and "RefreshPage" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44824 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44824/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44824 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44824/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44824/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44824 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in CIDWeb, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "RefreshSecs" and "RefreshPage" parameters to CidWebPwd/errpage.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions 1.0.0.0 to 2.3.0.8. SOLUTION: Update or upgrade to version 2.3.0.9. PROVIDED AND/OR DISCOVERED BY: Hugo V?zquez Carames. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 14:25:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 23:25:54 +0200 Subject: [SEC] [SA44986] Linux Kernel Transparent Hugepage Support Denial of Service Weakness Message-ID: <201106212125.p5LLPsSY020164@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Linux Kernel Transparent Hugepage Support Denial of Service Weakness SECUNIA ADVISORY ID: SA44986 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44986/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44986 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44986/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44986/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44986 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The weakness is caused due to an error within the Transparent Hugepage (THP) support in mm/huge_memory.c when MADV_HUGEPAGE regions are configured and can be exploited to cause a kernel panic. The weakness is reported in version 2.6.39.1. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Reported by Caspar Zhang in a bug report. ORIGINAL ADVISORY: Caspar Zhang: https://bugzilla.kernel.org/show_bug.cgi?id=33682 GIT commit: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=78f11a255749d09025f54d4e2df4fbcb031530e2 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 14:47:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 21 Jun 2011 23:47:03 +0200 Subject: [SEC] [SA44926] IBM Rational Team Concert Cross-Site Scripting Vulnerabilities Message-ID: <201106212147.p5LLl3Ru008935@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: IBM Rational Team Concert Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44926 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44926/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44926 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/44926/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44926/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44926 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in IBM Rational Team Concert, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to unspecified parameters is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 3.0. SOLUTION: Apply APARs PM40308 and PM40311. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PM40308, PM40311): http://www.ibm.com/support/docview.wss?uid=swg1PM40308 http://www.ibm.com/support/docview.wss?uid=swg1PM40311 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 15:12:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 00:12:27 +0200 Subject: [SEC] [SA45016] SAP NetWeaver Multiple Vulnerabilities Message-ID: <201106212212.p5LMCRCb030289@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SAP NetWeaver Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45016 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45016/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45016 RELEASE DATE: 2011-06-21 DISCUSS ADVISORY: http://secunia.com/advisories/45016/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45016/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45016 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in SAP NetWeaver, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and bypass certain security restrictions. 1) An unspecified error within SLD (System Landscape Directory) can be exploited to disclose version information via the /REP and /RWB directories. 2) Input passed via the "test" parameter to the testServlet servlet in the performanceProviderRoot application is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "BSNAME" and "REQID" parameters to the Deployer servlet in Trust Center Service is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) An error within the authentication mechanism in the J2EE Engine can be exploited to bypass the authentication mechanism and e.g. cause a DoS. SOLUTION: Apply fixes (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1, 4) Alexander Polyakov, DSecRG 2, 3) Dmitriy Evdokimov, DSecRG ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1503856 https://service.sap.com/sap/support/notes/1486679 https://service.sap.com/sap/support/notes/1475767 https://service.sap.com/sap/support/notes/1503579 DSECRG-11-023: http://dsecrg.com/pages/vul/show.php?id=323 DSECRG-11-024: http://dsecrg.com/pages/vul/show.php?id=324 DSECRG-11-025: http://dsecrg.com/pages/vul/show.php?id=325 DSECRG-11-026: http://dsecrg.com/pages/vul/show.php?id=326 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 15:47:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 00:47:06 +0200 Subject: [SEC] [SA44983] Debian update for perl Message-ID: <201106212247.p5LMl6wU019674@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Debian update for perl SECUNIA ADVISORY ID: SA44983 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44983/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44983 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/44983/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44983/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44983 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for perl. This fixes a weakness, which can be exploited by malicious people to bypass certain security features. For more information: SA43921 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2265-1: http://lists.debian.org/debian-security-announce/2011/msg00135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 16:12:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 01:12:32 +0200 Subject: [SEC] [SA45004] BlackBerry Tablet OS Flash Player Multiple Vulnerabilities Message-ID: <201106212312.p5LNCWHF008636@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45004 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45004/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45004 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45004/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45004/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45004 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in BlackBerry Tablet OS, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system. The vulnerabilities are caused due to a vulnerable bundled version of Adobe Flash Player. For more information: SA44590 SA44964 The vulnerabilities are reported in versions 1.0.5.2342 and prior. SOLUTION: Update to version 1.0.6 or later. ORIGINAL ADVISORY: http://www.blackberry.com/btsc/KB27365 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 16:48:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 01:48:33 +0200 Subject: [SEC] [SA44701] NNT Change Tracker / Remote Angel Insecure File Permissions Message-ID: <201106212348.p5LNmXIi030472@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: NNT Change Tracker / Remote Angel Insecure File Permissions SECUNIA ADVISORY ID: SA44701 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44701/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44701 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/44701/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44701/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44701 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered a security issue in NNT Change Tracker and Remote Angel, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the applications setting insecure file system permissions on the installation directory. This can be exploited to overwrite any program or library in the "Remote Angel" directory. The security issue is confirmed in the following versions (other versions may also be affected): * NNT Change Tracker version 4.7.1.4. * NNT Remote Angel version 4.7.0.1. SOLUTION: Apply updates. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: Secunia Research ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2011-49/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 21 17:17:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 02:17:47 +0200 Subject: [SEC] [SA45003] Piwik Unspecified PHP Code Execution Vulnerability Message-ID: <201106220017.p5M0Hlpm019618@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Piwik Unspecified PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA45003 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45003/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45003 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45003/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45003/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45003 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Piwik, which can be exploited by malicious people to compromise a vulnerable system. Certain unspecified input is not properly sanitised before being used. This can be exploited to execute arbitrary PHP code. Successful exploitation requires that the "view" access is granted to anonymous users. The vulnerability is reported in versions 1.2, 1.3, and 1.4. SOLUTION: Update to version 1.5. PROVIDED AND/OR DISCOVERED BY: The vendor credits Neal Poole. ORIGINAL ADVISORY: Piwik: http://piwik.org/blog/2011/06/piwik-1-5-security-advisory/ http://piwik.org/blog/2011/06/piwik-1-5-available-ecommerce-analytics/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 10:33:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 19:33:06 +0200 Subject: [SEC] [SA45002] Ubuntu update for firefox and xulrunner Message-ID: <201106221733.p5MHX61v006620@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Ubuntu update for firefox and xulrunner SECUNIA ADVISORY ID: SA45002 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45002/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45002 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45002/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45002/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45002 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA44982 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1149-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001360.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 11:32:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 20:32:09 +0200 Subject: [SEC] [SA45011] Red Hat update for seamonkey Message-ID: <201106221832.p5MIW9QS029490@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Red Hat update for seamonkey SECUNIA ADVISORY ID: SA45011 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45011/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45011 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45011/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45011/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45011 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA44982 SA44972 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0888-01: https://rhn.redhat.com/errata/RHSA-2011-0888.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 12:31:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 21:31:36 +0200 Subject: [SEC] [SA45039] TORQUE Resource Manager Job and Host Name Processing Buffer Overflow Vulnerabilities Message-ID: <201106221931.p5MJVa1M019967@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: TORQUE Resource Manager Job and Host Name Processing Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA45039 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45039/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45039 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45039/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45039/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45039 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in TORQUE Resource Manager, which can be exploited by malicious, local users to gain escalated privileges. 1) A boundary error within src/server/req_quejob.c when processing job names can be exploited to cause a buffer overflow via an overly long string passed as a job name. 2) A boundary error within src/lib/Libnet/get_hostaddr.c when processing host names can be exploited to cause a buffer overflow via an overly long string passed as a host name. The vulnerabilities are reported in versions prior to 2.4.14. SOLUTION: Update to version 2.4.14. PROVIDED AND/OR DISCOVERED BY: Bartlomiej Balcerek ORIGINAL ADVISORY: TORQUE Resource Manager: http://www.clusterresources.com/downloads/torque/CHANGELOGS/torque-2.4.14.CHANGELOG https://bugzilla.redhat.com/show_bug.cgi?id=711463 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 13:31:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 22:31:50 +0200 Subject: [SEC] [SA45024] Ubuntu update for nbd Message-ID: <201106222031.p5MKVoVV010502@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Ubuntu update for nbd SECUNIA ADVISORY ID: SA45024 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45024/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45024 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45024/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45024/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45024 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for nbd. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA18135 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1155-1: http://www.ubuntu.com/usn/usn-1155-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 14:27:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 23:27:26 +0200 Subject: [SEC] [SA45040] Fedora update for torque Message-ID: <201106222127.p5MLRQSj000761@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Fedora update for torque SECUNIA ADVISORY ID: SA45040 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45040/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45040 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45040/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45040/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45040 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for torque. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA45039 SOLUTION: Apply updated packages via the yum utility ("yum update torque"). ORIGINAL ADVISORY: FEDORA-2011-8117: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061645.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 14:47:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 22 Jun 2011 23:47:08 +0200 Subject: [SEC] [SA45015] iGiveTest "userids" SQL Injection Vulnerability Message-ID: <201106222147.p5MLl8ce021920@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: iGiveTest "userids" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45015 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45015/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45015 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45015/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45015/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45015 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Brendan Coles has reported a vulnerability in iGiveTest, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "userids" parameter to users.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 2.1.0. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Brendan Coles ORIGINAL ADVISORY: http://itsecuritysolutions.org/2011-06-22-iGiveTest-2.1.0-SQL-Injection-Vulnerability/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 15:12:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 00:12:43 +0200 Subject: [SEC] [SA45008] Citrix EdgeSight Unspecified Code Execution Vulnerability Message-ID: <201106222212.p5MMChkJ010900@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Citrix EdgeSight Unspecified Code Execution Vulnerability SECUNIA ADVISORY ID: SA45008 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45008/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45008 RELEASE DATE: 2011-06-22 DISCUSS ADVISORY: http://secunia.com/advisories/45008/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45008/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45008 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Citrix EdgeSight, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error and can be exploited via specially crafted packets sent to TCP or UDP port 18747. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in: * Citrix EdgeSight for Active Application Monitoring * Citrix EdgeSight for Load Testing SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits AbdulAziz Hariri via ZDI. ORIGINAL ADVISORY: http://support.citrix.com/article/CTX129699 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 15:47:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 00:47:12 +0200 Subject: [SEC] [SA45018] Easewe FTP OCX ActiveX Control Insecure Methods Message-ID: <201106222247.p5MMlC86032663@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Easewe FTP OCX ActiveX Control Insecure Methods SECUNIA ADVISORY ID: SA45018 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45018/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45018 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45018/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45018/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45018 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in Easewe FTP OCX ActiveX Control, which can be exploited by malicious people to manipulate certain data and compromise a user's system. 1) An insecure "Execute()" method can be exploited to execute an arbitrary program via the "FilePath" parameter. 2) An insecure "Run()" method can be exploited to execute an arbitrary program via the "FilePath" parameter. 3) An insecure "CreateLocalFile()" method can be exploited to create an arbitrary empty file. 4) An insecure "CreateLocalFolder()" method can be exploited to create an arbitrary directory. 5) An insecure "DeleteLocalFile()" method can be exploited to delete an arbitrary file. The vulnerabilities are confirmed in version 4.5.0.9. Other versions may also be affected. SOLUTION: Set the kill-bit for the ActiveX control. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23015: http://www.htbridge.ch/advisory/easewe_ftp_ocx_activex_control_execute_insecure_method.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 16:12:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 01:12:23 +0200 Subject: [SEC] [SA45032] Fedora update for kernel Message-ID: <201106222312.p5MNCNlD021629@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA45032 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45032/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45032 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45032/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45032/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45032 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA41378 SA42765 SA43009 SA43537 SA43806 SA44248 SOLUTION: Apply updated packages via the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2011-6447: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061668.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 16:47:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 01:47:21 +0200 Subject: [SEC] [SA45025] Ubuntu update for tgt Message-ID: <201106222347.p5MNlLnd011014@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Ubuntu update for tgt SECUNIA ADVISORY ID: SA45025 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45025/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45025 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45025/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45025/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45025 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for tgt. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA40495 SA43713 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1156-1: http://www.ubuntu.com/usn/usn-1156-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 17:16:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 02:16:10 +0200 Subject: [SEC] [SA44969] H3C ER5100 Router Web Interface Authentication Bypass Vulnerability Message-ID: <201106230016.p5N0GAO5032534@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: H3C ER5100 Router Web Interface Authentication Bypass Vulnerability SECUNIA ADVISORY ID: SA44969 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44969/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44969 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/44969/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44969/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44969 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: 128bit has reported a vulnerability in H3C ER5100 Router, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the authentication mechanism of the administrative web interface. This can be exploited to bypass authentication checks and gain access to the administrative interface by e.g. appending "userLogin.asp" to the URL. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: 128bit ORIGINAL ADVISORY: http://www.wooyun.org/bugs/wooyun-2010-02268 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 17:46:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 02:46:48 +0200 Subject: [SEC] [SA45012] Red Hat update for firefox Message-ID: <201106230046.p5N0kmQR021722@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Red Hat update for firefox SECUNIA ADVISORY ID: SA45012 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45012/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45012 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45012/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45012/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45012 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA44982 SA44972 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0885-1: https://rhn.redhat.com/errata/RHSA-2011-0885.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 18:11:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 03:11:47 +0200 Subject: [SEC] [SA45038] Red Hat update for thunderbird Message-ID: <201106230111.p5N1Bl6o010678@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Red Hat update for thunderbird SECUNIA ADVISORY ID: SA45038 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45038/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45038 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45038/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45038/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45038 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA44982 SA44972 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0886-1: https://rhn.redhat.com/errata/RHSA-2011-0886.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 22 18:47:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 03:47:30 +0200 Subject: [SEC] [SA45014] Red Hat update for thunderbird Message-ID: <201106230147.p5N1lUVv032506@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Red Hat update for thunderbird SECUNIA ADVISORY ID: SA45014 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45014/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45014 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45014/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45014/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45014 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA44982 SA44972 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0887-1: http://rhn.redhat.com/errata/RHSA-2011-0887.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 10:34:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 19:34:14 +0200 Subject: [SEC] [SA45035] BrewBlogger Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201106231734.p5NHYEc3004836@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: BrewBlogger Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45035 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45035/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45035 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45035/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45035/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45035 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Brendan Coles has discovered multiple vulnerabilities in BrewBlogger, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "style" parameter to index.php (when "page" is set to "brewBlogList") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "styleNumber" and "filterStyle" parameters to sections/reference.inc.php (when "source" is set to "log" and "section" is set to "styles") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 2.3.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Brendan Coles ORIGINAL ADVISORY: http://itsecuritysolutions.org/2011-06-23_BrewBlogger_2.3.2_multiple_security_vulnerabilities/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 11:33:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 20:33:19 +0200 Subject: [SEC] [SA45013] Kofax e-Transactions Sender LEADSmtp ActiveX Control "SaveMessage()" Insecure Method Message-ID: <201106231833.p5NIXJfB028077@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Kofax e-Transactions Sender LEADSmtp ActiveX Control "SaveMessage()" Insecure Method SECUNIA ADVISORY ID: SA45013 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45013/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45013 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45013/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45013/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45013 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in Kofax e-Transactions Sender, which can be exploited by malicious people to manipulate certain data and compromise a user's system. The application bundles a LEADTOOLS LEADSmtp ActiveX control with an insecure "SaveMessage()" method, which allows to create or overwrite arbitrary files. This can be exploited in combination with the "TextualBody" property to create arbitrary files with controlled content. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2.5.3.1288 (LTCML14n.dll version 14.0.0.34). Other versions may also be affected. SOLUTION: Set the kill-bit for the ActiveX control. PROVIDED AND/OR DISCOVERED BY: Originally reported by High-Tech Bridge SA as creation of files with uncontrolled content via the "SaveMessage()" method. Additional details regarding system compromise using controlled content via the "TextualBody" property provided by Secunia Research. ORIGINAL ADVISORY: HTB23016: http://www.htbridge.ch/advisory/kofax_e_transactions_sender_sendbox_activex_control_savemessage_insecure_method.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 12:33:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 21:33:11 +0200 Subject: [SEC] [SA43855] Red Hat update for JBoss Enterprise Web Server Message-ID: <201106231933.p5NJXBPA018949@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Red Hat update for JBoss Enterprise Web Server SECUNIA ADVISORY ID: SA43855 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43855/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43855 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/43855/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43855/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43855 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for JBoss Enterprise Web Server. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, by malicious people to conduct cross-site scripting attacks, and by malicious users and malicious people to cause a DoS (Denial of Service). For more information: SA39574 SA40206 SA41701 SA42337 SA43198 SA44490 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0897-1: https://rhn.redhat.com/errata/RHSA-2011-0897.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 13:33:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 22:33:00 +0200 Subject: [SEC] [SA45027] WordPress AddThis Plugin Compromised Source Packages Backdoor Security Issue Message-ID: <201106232033.p5NKX0N9009791@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: WordPress AddThis Plugin Compromised Source Packages Backdoor Security Issue SECUNIA ADVISORY ID: SA45027 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45027/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45027 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45027/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45027/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45027 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the AddThis plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the distribution of compromised AddThis plugin source code packages containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code. The compromised source files were distributed on June 21st, 2011 and possibly prior. SOLUTION: Manually install version 2.2.0 downloaded after June 21st, 2011. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://wordpress.org/news/2011/06/passwords-reset/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 14:26:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 23:26:27 +0200 Subject: [SEC] [SA45022] Novell Sentinel Log Manager Java and Tomcat Vulnerabilities Message-ID: <201106232126.p5NLQRYe032748@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Novell Sentinel Log Manager Java and Tomcat Vulnerabilities SECUNIA ADVISORY ID: SA45022 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45022/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45022 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/45022/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45022/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45022 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Novell has acknowledged multiple vulnerabilities in Sentinel Log Manager, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) The application bundles a vulnerable version of Java. For more information see vulnerability #1 in: SA43262 2) The application bundles a vulnerable version of Apache Tomcat. For more information: SA42337 SA43194 The vulnerabilities are reported in versions prior to 1.2.0.1. SOLUTION: Update to version 1.2.0.1. ORIGINAL ADVISORY: http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5098550.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 14:47:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 23 Jun 2011 23:47:13 +0200 Subject: [SEC] [SA44995] WoltLab Burning Board Path Disclosure Weakness Message-ID: <201106232147.p5NLlDwB021620@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: WoltLab Burning Board Path Disclosure Weakness SECUNIA ADVISORY ID: SA44995 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44995/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44995 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/44995/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44995/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44995 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in WoltLab Burning Board, which can be exploited by malicious people to disclose certain system information. The weakness is caused due to the application displaying the full installation path in an error message when e.g. the "s[]" parameter passed to index.php is set to an arbitrary value. The weakness is reported in version 3.1.5. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: linc0ln.dll ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17413/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 15:14:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 00:14:09 +0200 Subject: [SEC] [SA44858] NetworkManager PolicyKit "auth_admin" Enforcement Weakness Message-ID: <201106232214.p5NME9Ji010796@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: NetworkManager PolicyKit "auth_admin" Enforcement Weakness SECUNIA ADVISORY ID: SA44858 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44858/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44858 RELEASE DATE: 2011-06-23 DISCUSS ADVISORY: http://secunia.com/advisories/44858/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44858/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44858 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in NetworkManager, which can be exploited by malicious, local users to bypass certain security restrictions. The weakness is caused due to the application not honouring PolicyKit's "auth_admin" action element and can be exploited to create an unsecured Ad-Hoc wireless network. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported in a Red Hat bug. ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=709662 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 15:48:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 00:48:14 +0200 Subject: [SEC] [SA45006] AiCart Multiple SQL Injection Vulnerabilities Message-ID: <201106232248.p5NMmEhK000309@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: AiCart Multiple SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45006 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45006/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45006 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45006/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45006/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45006 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in AiCart, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "pid" and "rid" parameters in store.php and the "nid" parameter in news.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. Note: The vulnerabilities can further be exploited to conduct cross-site scripting attacks via SQL error messages. The vulnerabilities are reported in version 2.0. SOLUTION: Update to a fixed version. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: takeshix ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17410/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 16:13:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 01:13:53 +0200 Subject: [SEC] [SA45017] FanUpdate "pageTitle" Cross-Site Scripting Vulnerability Message-ID: <201106232313.p5NNDrMf021901@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: FanUpdate "pageTitle" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45017 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45017/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45017 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45017/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45017/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45017 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in FanUpdate, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "pageTitle" parameter to header.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that "register_globals" is enabled. The vulnerability is confirmed in version 3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: http://www.htbridge.ch/advisory/xss_in_fanupdate.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 16:48:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 01:48:36 +0200 Subject: [SEC] [SA44996] LibreOffice LWP File Processing Buffer Overflow Vulnerabilities Message-ID: <201106232348.p5NNma0g011472@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: LibreOffice LWP File Processing Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA44996 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44996/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44996 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/44996/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44996/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44996 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in LibreOffice, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to errors in the import filter when processing Lotus Word Pro (LWP) files and can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious LWP file. The vulnerabilities are reported in version 3.3.1 and 3.3.2. Prior versions may also be affected. SOLUTION: Update to version 3.3.3 or 3.4.0. PROVIDED AND/OR DISCOVERED BY: Will Dormann and Jared Allar, CERT/CC via US-CERT. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/953183 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 17:16:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 02:16:15 +0200 Subject: [SEC] [SA45021] WordPress W3 Total Cache Plugin Compromised Source Packages Backdoor Security Issue Message-ID: <201106240016.p5O0GF7C000670@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: WordPress W3 Total Cache Plugin Compromised Source Packages Backdoor Security Issue SECUNIA ADVISORY ID: SA45021 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45021/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45021 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45021/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45021/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45021 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the W3 Total Cache plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the distribution of compromised W3 Total Cache plugin source code packages containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code. The compromised source files were distributed on June 21st, 2011 and possibly prior. SOLUTION: Manually install version 0.9.2.3 downloaded after June 21st, 2011. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://wordpress.org/news/2011/06/passwords-reset/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 23 17:48:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 02:48:46 +0200 Subject: [SEC] [SA45005] WordPress WPtouch Plugin Compromised Source Packages Backdoor Security Issue Message-ID: <201106240048.p5O0mkMj022600@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: WordPress WPtouch Plugin Compromised Source Packages Backdoor Security Issue SECUNIA ADVISORY ID: SA45005 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45005/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45005 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45005/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45005/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45005 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the WPtouch plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the distribution of compromised WPtouch plugin source code packages containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code. The compromised source files were distributed on June 21st, 2011 and possibly prior. SOLUTION: Update to version 1.9.29. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://wordpress.org/news/2011/06/passwords-reset/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 10:32:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 19:32:22 +0200 Subject: [SEC] [SA44973] Asterisk IAX2 Channel Driver "iax2_setoption()" Denial of Service Vulnerability Message-ID: <201106241732.p5OHWMEB020183@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Asterisk IAX2 Channel Driver "iax2_setoption()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44973 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44973/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44973 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/44973/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44973/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44973 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #3 in: SA45048 The vulnerability is reported in versions C.3.6.x and C.3.7.x prior to C.3.7.3. SOLUTION: Update to version C.3.7.3. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://downloads.asterisk.org/pub/security/AST-2011-010.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 11:36:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 20:36:18 +0200 Subject: [SEC] [SA45048] Asterisk Multiple Denial of Service Vulnerabilities Message-ID: <201106241836.p5OIaIxW011251@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Asterisk Multiple Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA45048 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45048/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45048 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45048/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45048/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45048 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Asterisk, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An input validation error in the "sipsock_read()" function (channels/chan_sip.c) when processing requests containing a NULL byte can be exploited to corrupt memory and cause a crash via a specially crafted SIP packet. 2) A NULL pointer dereference error in the "get_in_brackets_full()" function (channels/sip/reqresp_parser.c) can be exploited to cause a crash via a specially crafted SIP "Contact" header. 3) An input validation error in the IAX2 channel driver (channels/chan_iax2.c) within the "iax2_setoption()" function can be exploited to access an invalid pointer supplied via a specially crafted option control frame. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply updates or patches. Please see the vendor's advisory for details. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Paul Belanger. 2) The vendor credits jaredmauch. 3) Reported by the vendor. ORIGINAL ADVISORY: Asterisk: http://downloads.asterisk.org/pub/security/AST-2011-008.html http://downloads.asterisk.org/pub/security/AST-2011-009.html http://downloads.asterisk.org/pub/security/AST-2011-010.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 12:35:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 21:35:15 +0200 Subject: [SEC] [SA45045] Avactis Shopping Cart Unspecified Script Insertion and Security Bypass Vulnerabilities Message-ID: <201106241935.p5OJZFEI002048@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Avactis Shopping Cart Unspecified Script Insertion and Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA45045 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45045/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45045 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45045/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45045/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45045 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Avactis Shopping Cart, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct script insertion attacks. 1) An unspecified error can be exploited by an administration user to gain additional permissions. 2) Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed in the storefront. The vulnerabilities are reported in versions prior to 2.1.1. SOLUTION: Update to version 2.1.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.avactis.com/news.php?&n=49&p=1&?source=news_june_23_2011&utm_source=news_june_23_2011 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 13:35:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 22:35:32 +0200 Subject: [SEC] [SA45031] ManageEngine ServiceDesk Plus "FILENAME" File Disclosure Vulnerability Message-ID: <201106242035.p5OKZWLP025381@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: ManageEngine ServiceDesk Plus "FILENAME" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA45031 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45031/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45031 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45031/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45031/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45031 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Keith Lee has reported a vulnerability in ManageEngine ServiceDesk Plus, which can be exploited by malicious users to disclose sensitive information. Input passed via the "FILENAME" parameter to workorder/FileDownload.jsp (when "module" is set to "agent") is not properly verified before before being used to display files. This can be exploited to disclose the contents of arbitrary files from local resources via directory traversal attacks. The vulnerability is reported in version 8.0. Other versions may also be affected. SOLUTION: Update to version 8.0 build 8012. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Keith Lee ORIGINAL ADVISORY: ManageEngine ServiceDesk Plus: http://www.manageengine.com/products/service-desk/readme-8.0.html Keith Lee: http://milo2012.wordpress.com/2011/06/23/vuln-details-for-manageengine-servicedesk-plus-8-0-released/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 14:29:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 23:29:53 +0200 Subject: [SEC] [SA45043] Cybozu Products Mail System Images Cross-Site Scripting Vulnerability Message-ID: <201106242129.p5OLTrfK015969@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Cybozu Products Mail System Images Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45043 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45043/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45043 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45043/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45043/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45043 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple Cybozu products, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input related to downloading images from the mail system is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in: * Cybozu Office * Cybozu Garoon * Cybozu Dezie * Cybozu MailWise * Cybozu Collaborex Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply updates. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: JVN credits Sen UENO, Tricorder Co. Ltd. ORIGINAL ADVISORY: Cybozu: http://cybozu.co.jp/products/dl/notice/detail/0019.html JVN: http://jvn.jp/en/jp/JVN54074460/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000046.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 14:50:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 24 Jun 2011 23:50:34 +0200 Subject: [SEC] [SA44992] Cybozu Office Address Book and User List Cross-Site Scripting Vulnerabilities Message-ID: <201106242150.p5OLoYBx004833@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Cybozu Office Address Book and User List Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44992 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44992/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44992 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/44992/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44992/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44992 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cybozu Office, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input related to the address book and user list functions is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 6 and 7. SOLUTION: Upgrade to version 8.1.1. PROVIDED AND/OR DISCOVERED BY: JVN credits NetAgent Co., Ltd. ORIGINAL ADVISORY: Cybozu: http://cs.cybozu.co.jp/information/20100816notice05.php JVN: http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000047.htm http://jvn.jp/en/jp/JVN55508059/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 15:14:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 00:14:46 +0200 Subject: [SEC] [SA45047] Ubuntu update for curl Message-ID: <201106242214.p5OMEkNs026305@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Ubuntu update for curl SECUNIA ADVISORY ID: SA45047 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45047/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45047 RELEASE DATE: 2011-06-24 DISCUSS ADVISORY: http://secunia.com/advisories/45047/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45047/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45047 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for curl. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks and to cause a DoS (Denial of Service) or compromise an application using the library. For more information: SA36238 SA38427 SA45067 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1158-1: http://www.ubuntu.com/usn/usn-1158-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 15:49:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 00:49:57 +0200 Subject: [SEC] [SA45063] Cybozu Products Images Cross-Site Scripting Vulnerability Message-ID: <201106242249.p5OMnvqH015918@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Cybozu Products Images Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45063 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45063/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45063 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/45063/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45063/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45063 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in two Cybozu products, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input related to downloading images from the bulletin board is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in: * Cybozu Office * Cybozu Garoon Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply updates. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: JVN credits Sen UENO, Tricorder Co. Ltd. ORIGINAL ADVISORY: Cybozu: http://cybozu.co.jp/products/dl/notice/detail/0019.html JVN: http://jvn.jp/en/jp/JVN80877328/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000045.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 16:15:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 01:15:41 +0200 Subject: [SEC] [SA45050] Cybozu Office Address Book and User List Cross-Site Scripting Vulnerabilities Message-ID: <201106242315.p5ONFfTj005047@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Cybozu Office Address Book and User List Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45050 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45050/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45050 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/45050/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45050/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45050 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cybozu Office, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA44992 The vulnerabilities are reported in versions prior to 8.1.1. SOLUTION: Update to version 8.1.1. PROVIDED AND/OR DISCOVERED BY: JVN credits NetAgent Co., Ltd. ORIGINAL ADVISORY: Cybozu: http://cs.cybozu.co.jp/information/20100816notice05.php JVN: http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000047.htm http://jvn.jp/en/jp/JVN55508059/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 16:51:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 01:51:36 +0200 Subject: [SEC] [SA45067] cURL GSSAPI Credential Delegation Weakness Message-ID: <201106242351.p5ONpaT9027117@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: cURL GSSAPI Credential Delegation Weakness SECUNIA ADVISORY ID: SA45067 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45067/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45067 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/45067/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45067/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45067 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in cURL, which can be exploited by malicious people to conduct spoofing attacks. The weakness is caused due to the GSS/Negotiate feature unconditionally performing credential delegation, which allows a server to obtain the client's security credentials. This can be exploited by a malicious server to impersonate the client to any other server using the same GSSAPI mechanism. Successful exploitation requires tricking a user into connecting to a malicious server using the GSS/Negotiate feature. The weakness is reported in versions 7.10.6 through 7.21.6. SOLUTION: Update to version 7.21.7 or apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Richard Silverman. ORIGINAL ADVISORY: http://curl.haxx.se/docs/adv_20110623.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 17:17:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 02:17:26 +0200 Subject: [SEC] [SA45037] Pidgin "gdk_pixbuf__gif_image_load()" Denial of Service Weakness Message-ID: <201106250017.p5P0HQBl016254@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Pidgin "gdk_pixbuf__gif_image_load()" Denial of Service Weakness SECUNIA ADVISORY ID: SA45037 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45037/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45037 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/45037/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45037/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45037 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to an error in the "gdk_pixbuf__gif_image_load()" function and can be exploited to cause memory exhaustion by providing a specially crafted GIF image as buddy icon. The weakness is reported in versions prior to 2.9.0. SOLUTION: Update to version 2.9.0. PROVIDED AND/OR DISCOVERED BY: The vendor credits Mark Doliner. ORIGINAL ADVISORY: http://www.pidgin.im/news/security/?id=52 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 17:50:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 02:50:05 +0200 Subject: [SEC] [SA45049] Movable Type Unspecified File Disclosure Vulnerabilities Message-ID: <201106250050.p5P0o5xj005712@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Movable Type Unspecified File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA45049 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45049/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45049 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/45049/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45049/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45049 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Movable Type, which can be exploited by malicious users to disclose sensitive information. The vulnerabilities are caused due to unspecified errors and can be exploited to disclose the contents of files from local resources. Successful exploitation requires "Create Entries" or "Manage Blog" permissions. SOLUTION: Update to fixed version. Please see vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.movabletype.org/2011/06/movable_type_512_506_and_437_security_updates.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 18:14:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 03:14:45 +0200 Subject: [SEC] [SA44911] Microsoft Lync Web Components Server "reachLocale" Cross-Site Scripting Message-ID: <201106250114.p5P1Ejpc027222@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Microsoft Lync Web Components Server "reachLocale" Cross-Site Scripting SECUNIA ADVISORY ID: SA44911 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44911/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44911 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/44911/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44911/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44911 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Lync 2010, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "reachLocale" parameter in Reach/Client/WebPages/ReachJoin.aspx of the Web Components server is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 4.0.7577.0. Other versions may also be affected. SOLUTION: Reportedly fixed in the April 2011 update (KB2500441). Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Mark Lachniet, Foofus.Net ORIGINAL ADVISORY: http://www.foofus.net/?page_id=372 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 18:50:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 03:50:51 +0200 Subject: [SEC] [SA45007] Mozilla SeaMonkey Multiple Vulnerabilities Message-ID: <201106250150.p5P1op2J016884@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Mozilla SeaMonkey Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45007 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45007/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45007 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/45007/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45007/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45007 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mozilla SeaMonkey, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, and compromise a user's system. For more information: SA44972 SOLUTION: Fixed in version 2.2 Beta 1. The upcoming stable version 2.2 will address the vulnerabilities. ORIGINAL ADVISORY: Mozilla: http://www.mozilla.org/security/announce/2011/mfsa2011-19.html http://www.mozilla.org/security/announce/2011/mfsa2011-20.html http://www.mozilla.org/security/announce/2011/mfsa2011-21.html http://www.mozilla.org/security/announce/2011/mfsa2011-22.html http://www.mozilla.org/security/announce/2011/mfsa2011-25.html http://www.mozilla.org/security/announce/2011/mfsa2011-26.html http://www.mozilla.org/security/announce/2011/mfsa2011-27.html http://www.mozilla.org/security/announce/2011/mfsa2011-28.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 19:20:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 04:20:25 +0200 Subject: [SEC] [SA45054] Apple Mac OS X Multiple Vulnerabilities Message-ID: <201106250220.p5P2KPNq006650@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Apple Mac OS X Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45054 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45054/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45054 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/45054/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45054/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45054 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities. 1) An error within AirPort when handling Wi-Fi frames can be exploited to trigger an out-of-bounds memory access and cause a system reset. NOTE: This vulnerability does not affect Mac OS X 10.6. 2) An error within App Store may lead to a user's AppleID password being logged to a local file. 3) An unspecified error in the handling of embedded TrueType fonts in Apple Type Services (ATS) can be exploited to cause a heap-based buffer overflow when a specially crafted document is viewed or downloaded. 4) An error within Certificate Trust Policy when handling an Extended Validation (EV) certificate with no OCSP URL can be exploited to disclose certain sensitive information via Man-in-the-Middle (MitM) attacks. 5) An integer overflow error when processing ColorSync profiles embedded in images can be exploited to cause a heap-based buffer overflow and potentially execute arbitrary code via a specially crafted image. 6) An off-by-one error within the CoreFoundation framework when handling CFStrings can be exploited to execute arbitrary code. 7) An integer overflow error in CoreGraphics when handling PDF files containing Type 1 fonts can be exploited to cause a buffer overflow via a specially crafted PDF file. 8) A path validation error within xftpd can be exploited to perform a recursive directory listing and disclose the list of otherwise restricted files. 9) An error in ImageIO within the handling of TIFF files can be exploited to cause a heap-based buffer overflow. 10) An error in ImageIO within the handling of JPEG2000 files can be exploited to cause a heap-based buffer overflow. 11) An error within ICU (International Components for Unicode) when handling certain uppercase strings can be exploited to cause a buffer overflow. 12) A NULL pointer dereference error within the kernel when handling IPV6 socket options can be exploited to cause a system reset. 13) An error within Libsystem when using the glob(3) API can be exploited to cause a high CPU consumption. 14) An error within libxslt can be exploited to disclose certain addresses from the heap. For more information see vulnerability #2 in: SA43832 15) An error exists within MobileMe when determining a user's email aliases. This can be exploited to disclose a user's MobileMe email aliases via Man-in-the-Middle (MitM) attacks. 16) Some vulnerabilities are caused due to a vulnerable bundled version of MySQL. For more information: SA41048 SA41716 17) Some vulnerabilities are caused due to a vulnerable bundled version of OpenSSL. For more information: SA37291 SA38807 SA42243 SA42473 SA43227 18) A vulnerability is caused due to a vulnerable bundled version of GNU patch. For more information: SA43677 19) An unspecified error in QuickLook within the processing of Microsoft Office files can be exploited to corrupt memory, which may allow execution of arbitrary code. NOTE: This vulnerability only affects Mac OS X 10.6. 20) An integer overflow error in QuickTime when handling RIFF WAV files can be exploited to execute arbitrary code. 21) An error within QuickTime when processing sample tables in QuickTime movie files can be exploited to corrupt memory, which may allow execution of arbitrary code. 22) An integer overflow error in QuickTime when handling certain movie files can be exploited to execute arbitrary code. 23) An error in QuickTime when handling PICT image files can be exploited to cause a buffer overflow and execute arbitrary code. 24) An error in QuickTime when handling JPEG image files can be exploited to cause a buffer overflow and execute arbitrary code. 25) Some vulnerabilities are caused due to a vulnerable bundled version of Samba. For more information: SA41354 SA43512 26) An error in servermgrd when handling XML-RPC requests can be exploited to disclose arbitrary files from the local resources. 27) A vulnerability is caused due to a vulnerable bundled version of subversion. For more information: SA43603 SOLUTION: Update to version 10.6.8 or apply Security Update 2011-004. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) Paul Nelson 3) Marc Schoenefeld, Red Hat Security Response Team and Harry Sintonen 4) Chris Hawk and Wan-Teh Chang, Google 5) binaryproof via ZDI 6) Harry Sintonen 7) Cristian Draghici, Modulo Consulting and Felix Grobert, Google Security Team 8) team karlkani 9) Dominic Chell, NGS Secure 10) Harry Sintonen 11) David Bienvenu, Mozilla 12) Thomas Clement, Intego 13) Maksymilian Arciemowicz 14) Chris Evans, Google Chrome Security Team 15) Aaron Sigel, vtty.com 19)Tobias Klein via iDefense 20, 22) Luigi Auriemma via ZDI 21) Honggang Ren, Fortinet's FortiGuard Labs 23) Subreption LLC via ZDI 24) Luigi Auriemma via iDefense 1, 26) Reported by the vendor ORIGINAL ADVISORY: Apple Security Update 2011-004: http://support.apple.com/kb/HT4723 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Jun 24 19:48:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 25 Jun 2011 04:48:30 +0200 Subject: [SEC] [SA45057] ActivDesk Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201106250248.p5P2mUMx028328@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: ActivDesk Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45057 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45057/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45057 RELEASE DATE: 2011-06-25 DISCUSS ADVISORY: http://secunia.com/advisories/45057/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45057/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45057 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Brendan Coles has discovered multiple vulnerabilities in ActivDesk, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed to the "keywords0", "keywords1", "keywords2", and "keywords3" parameters in search.cgi is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "cid" parameter in kbcat.cgi and the "kid" parameter in kb.cgi is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 3.0 Trial. Prior versions may also be affected. SOLUTION: Update to version 3.0.1. PROVIDED AND/OR DISCOVERED BY: Brendan Coles ORIGINAL ADVISORY: Brendan Coles: http://itsecuritysolutions.org/2011-06-24-ActivDesk-3.0-multiple-security-vulnerabilities/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 10:31:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Jun 2011 19:31:54 +0200 Subject: [SEC] [SA45080] Winamp Multiple Vulnerabilities Message-ID: <201106271731.p5RHVs7v012672@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Winamp Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45080 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45080/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45080 RELEASE DATE: 2011-06-27 DISCUSS ADVISORY: http://secunia.com/advisories/45080/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45080/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45080 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered multiple vulnerabilities in Winamp, which can be exploited by malicious people to potentially compromise a user's system. 1) An error in vp6.w5s when parsing media files encoded with the On2 TrueMotion VP6 codec where the "version" field value is greater than 8 can be exploited to corrupt memory via a specially crafted FLV file. 2) An error when parsing the "CustomWidth" and "CustomHeight" fields in H263 video content can be exploited to corrupt memory via a specially crafted FLV file. 3) An error in nsvdec_vp5.dll when decompressing frames can be exploited to cause a heap-based buffer overflow via a specially crafted NSV file. 4) An integer overflow error in nsvdec_vp6.dll when parsing screen dimensions can be exploited to corrupt memory via a specially crafted NSV file. 5) An error in nsvdec_vp3.dll in the handling of screen dimensions when decompressing frames can be exploited to cause a heap-based buffer overflow via a specially crafted NSV file. 6) An error in in_mod.dll can be exploited to corrupt memory via a specially crafted IT file. 7) An error in in_midi.dll when handling "Controller" messages can be exploited to cause a heap-based buffer overflow via a specially crafted MIDI file. 8) An error in in_midi.dll when handling "Note On" messages can be exploited to cause a heap-based buffer overflow via a specially crafted file. 9) An error in in_midi.dll when parsing MTrk chunks can be exploited to corrupt memory via a specially crafted file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are confirmed in version 5.61. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/winamp_2-adv.txt http://aluigi.altervista.org/adv/winamp_3-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 11:31:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Jun 2011 20:31:22 +0200 Subject: [SEC] [SA45073] SUSE update for libgnomesu Message-ID: <201106271831.p5RIVMNs003512@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for libgnomesu SECUNIA ADVISORY ID: SA45073 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45073/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45073 RELEASE DATE: 2011-06-27 DISCUSS ADVISORY: http://secunia.com/advisories/45073/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45073/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45073 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libgnomesu. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to the libgnomesu pam backend not checking the return values of the "setuid()" function. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0697-1: https://hermes.opensuse.org/messages/8992680 openSUSE-SU-2011:0694-1: https://hermes.opensuse.org/messages/8992068 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 12:32:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Jun 2011 21:32:16 +0200 Subject: [SEC] [SA45059] ManageEngine SupportCenter Plus "path" File Disclosure Vulnerability Message-ID: <201106271932.p5RJWGDm026842@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: ManageEngine SupportCenter Plus "path" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA45059 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45059/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45059 RELEASE DATE: 2011-06-27 DISCUSS ADVISORY: http://secunia.com/advisories/45059/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45059/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45059 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ManageEngine SupportCenter Plus, which can be exploited by malicious users to disclose sensitive information. Input passed via the "path" parameter to workorder/FileDownload.jsp (when "module" is set to "Request", "ID" is set to "1", and "FILENAME" is set) is not properly verified before being used to display files. This can be exploited to disclose the contents of arbitrary files from local resources via directory traversal attacks. The vulnerability is reported in version 7.8. Other versions may also be affected. SOLUTION: Update to version 7.8 build 7803 or later. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Robert 'xistence' van Hamburg ORIGINAL ADVISORY: ManageEngine SupportCenter Plus: https://supportcenter.wiki.zoho.com/Read-Me-7803.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 13:33:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Jun 2011 22:33:37 +0200 Subject: [SEC] [SA45044] Ubisoft CoGSManager ActiveX Control Buffer Overflow Vulnerability Message-ID: <201106272033.p5RKXbXB017801@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Ubisoft CoGSManager ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45044 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45044/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45044 RELEASE DATE: 2011-06-27 DISCUSS ADVISORY: http://secunia.com/advisories/45044/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45044/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45044 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Ubisoft CoGSManager ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when constructing the name of a language library file. This can be exploited to cause a stack-based buffer overflow via an overly long bstrLanguage argument passed to the "Initialize()" method. The vulnerability is confirmed in version 1.0.0.23. Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/gs4_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 14:26:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Jun 2011 23:26:55 +0200 Subject: [SEC] [SA44981] Apache Tomcat MemoryUserDatabase Password Disclosure Weakness Message-ID: <201106272126.p5RLQtA3008322@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Apache Tomcat MemoryUserDatabase Password Disclosure Weakness SECUNIA ADVISORY ID: SA44981 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44981/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44981 RELEASE DATE: 2011-06-27 DISCUSS ADVISORY: http://secunia.com/advisories/44981/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44981/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44981 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Apache Tomcat, which can be exploited by malicious, local users to disclose sensitive information. The weakness is caused due to an error when creating users via JMX using MemoryUserDatabase. This can lead to the created user's password being logged in Tomcat logs if an exception occurs. The weakness is reported in the following versions: * Apache Tomcat versions 7.0.0 to 7.0.16 * Apache Tomcat versions 6.0.0 to 6.0.32 * Apache Tomcat versions 5.5.0 to 5.5.33 SOLUTION: Fixed in the SVN repository. Update to version 7.0.17, 6.0.33, or 5.5.34 when available. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Polina Genova. ORIGINAL ADVISORY: http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.17_%28not_yet_released%29 http://tomcat.apache.org/security-6.html#Fixed_in_Apache_Tomcat_6.0.33_%28not_yet_released%29 http://tomcat.apache.org/security-5.html#Fixed_in_Apache_Tomcat_5.5.34_%28not_yet_released%29 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 14:46:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 27 Jun 2011 23:46:44 +0200 Subject: [SEC] [SA45001] Dreambox DM800 "file" Arbitrary File Download Vulnerability Message-ID: <201106272146.p5RLkiBK029574@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Dreambox DM800 "file" Arbitrary File Download Vulnerability SECUNIA ADVISORY ID: SA45001 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45001/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45001 RELEASE DATE: 2011-06-27 DISCUSS ADVISORY: http://secunia.com/advisories/45001/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45001/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45001 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Dreambox DM800, which can be exploited by malicious people to disclose sensitive information. Input passed via the "file" parameter to the "file" script is not properly verified before being used to download files. This can be exploited to download arbitrary files from local resources via directory traversal sequences. The vulnerability is reported in firmware version 4.6.0 2009-12-24. SOLUTION: Use a firewall or proxy to filter malicious requests. PROVIDED AND/OR DISCOVERED BY: ShellVision OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 15:12:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 00:12:02 +0200 Subject: [SEC] [SA45072] Nodesforum "_nodesforum_node" SQL Injection Vulnerability Message-ID: <201106272212.p5RMC2CX018685@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Nodesforum "_nodesforum_node" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45072 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45072/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45072 RELEASE DATE: 2011-06-27 DISCUSS ADVISORY: http://secunia.com/advisories/45072/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45072/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45072 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Nodesforum, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "_nodesforum_node" parameter to index.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 1.059. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Andrea Bocchetti OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 15:46:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 00:46:50 +0200 Subject: [SEC] [SA45064] SUSE update for subversion Message-ID: <201106272246.p5RMkojB008269@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for subversion SECUNIA ADVISORY ID: SA45064 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45064/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45064 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45064/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45064/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45064 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for subversion. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43603 SA44681 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0693-1: https://hermes.opensuse.org/messages/8992047 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Jun 27 16:13:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 01:13:19 +0200 Subject: [SEC] [SA45070] SUSE update for subversion Message-ID: <201106272313.p5RNDJ2M029870@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for subversion SECUNIA ADVISORY ID: SA45070 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45070/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45070 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45070/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45070/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45070 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for subversion. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44681 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0695-1: https://hermes.opensuse.org/messages/8992067 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 10:32:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 19:32:12 +0200 Subject: [SEC] [SA45019] Ubuntu update for kernel Message-ID: <201106281732.p5SHWC2Q009352@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA45019 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45019/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45019 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45019/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45019/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45019 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS. For more information: SA43009 SA43358 SA43522 SA43693 SA43716 SA43806 SA43966 SA44164 SA44220 SA44248 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1160-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-June/001363.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 11:35:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 20:35:36 +0200 Subject: [SEC] [SA45071] Novell File Reporter "SRS" Tag Arbitrary File Deletion Vulnerability Message-ID: <201106281835.p5SIZav1000334@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Novell File Reporter "SRS" Tag Arbitrary File Deletion Vulnerability SECUNIA ADVISORY ID: SA45071 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45071/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45071 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45071/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45071/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45071 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Novell File Reporter, which can be exploited by malicious, local users to manipulate certain data. The vulnerability is caused due to an error in the NFR Agent (NFRAgent.exe) when handling "OPERATION " and "CMD" commands in the "SRS" tag and can be exploited to delete arbitrary files via a specially crafted SRS request sent to TCP port 3073. The vulnerability is confirmed in version 1.0.2.54 with NFR Engine 1.0.3.22. Other versions may also be affected. SOLUTION: Restrict access to the system to trusted users only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.org/adv/nfr_2-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 12:31:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 21:31:45 +0200 Subject: [SEC] [SA45074] SUSE update for java-1_6_0-openjdk Message-ID: <201106281931.p5SJVjCU023473@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for java-1_6_0-openjdk SECUNIA ADVISORY ID: SA45074 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45074/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45074 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45074/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45074/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45074 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_6_0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), compromise a user's system, and compromise a vulnerable system. For more information: SA44784 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0706-1: https://hermes.opensuse.org/messages/9046608 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 13:31:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 22:31:56 +0200 Subject: [SEC] [SA45069] Sybase Advantage Database Server Memory Corruption Vulnerability Message-ID: <201106282031.p5SKVuG1014354@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Sybase Advantage Database Server Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA45069 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45069/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45069 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45069/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45069/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45069 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Sybase Advantage Database Server, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to an error in ads.exe when processing certain requests and can be exploited to corrupt memory via a specially crafted packet sent to UDP port 6262. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 10.10.0.6. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/sybase_4-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 14:26:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 23:26:13 +0200 Subject: [SEC] [SA45055] RealityServer Web Services RTMP Server Denial of Service Vulnerability Message-ID: <201106282126.p5SLQDI9004925@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: RealityServer Web Services RTMP Server Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45055 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45055/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45055 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45055/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45055/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45055 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in RealityServer Web Services, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error in the RTMP server functionality when processing certain requests. This can be exploited to crash the service via a specially crafted packet sent to TCP port 1935. The vulnerability is confirmed in version 3.1.1 build 144525.5057. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/realityserver_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 14:47:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 28 Jun 2011 23:47:15 +0200 Subject: [SEC] [SA45079] HP Operations Manager OV Communication Broker Arbitrary File Deletion Message-ID: <201106282147.p5SLlF98026240@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: HP Operations Manager OV Communication Broker Arbitrary File Deletion SECUNIA ADVISORY ID: SA45079 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45079/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45079 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45079/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45079/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45079 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in HP Operations Manager, which can be exploited by malicious people to delete files on a vulnerable system. The vulnerability is caused due to the OV Communications Broker service (ovbbccb.exe) deleting a file specified in a received "Register" request. This can be exploited to delete arbitrary files on the system via specially crafted "Register" requests sent to TCP port 383. The vulnerability is confirmed in HP Performance Agent 4.70 bundling ovbbccb.exe version 6.10.50.0 and HP Operations Manager 8.10 bundling ovbbccb.exe version 6.10.70.0. Other versions may also be affected. SOLUTION: Restrict access to the OV Communication Broker service. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/ovbbccb_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 15:12:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 00:12:55 +0200 Subject: [SEC] [SA45061] NetServe Web Server Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201106282212.p5SMCtVW015357@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: NetServe Web Server Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA45061 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45061/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45061 RELEASE DATE: 2011-06-28 DISCUSS ADVISORY: http://secunia.com/advisories/45061/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45061/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45061 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krtic has discovered multiple vulnerabilities in NetServe Web Server, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "SSIErrorMessage", "SSITimeFormat", and "SSIExtensions" parameters to admin/host_0/ssioptions.html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "MimeTypes_0" and "MimeTypes_1" parameters to admin/mimetypes.html is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. NOTE: Other parameters and scripts may be affected as well. The vulnerabilities are confirmed in version 1.0.58. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: Gjoko 'LiquidWorm' Krtic ORIGINAL ADVISORY: ZSL-2011-5021: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5021.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 15:46:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 00:46:41 +0200 Subject: [SEC] [SA45052] SUSE update for glibc Message-ID: <201106282246.p5SMkf60004873@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for glibc SECUNIA ADVISORY ID: SA45052 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45052/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45052 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45052/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45052/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45052 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for glibc. This fixes multiple vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a vulnerable system. For more information: SA43492 SA43976 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SU-2011:0703-1: https://hermes.opensuse.org/messages/9037214 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 16:12:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 01:12:11 +0200 Subject: [SEC] [SA45078] SUSE update for glibc Message-ID: <201106282312.p5SNCBPt026418@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for glibc SECUNIA ADVISORY ID: SA45078 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45078/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45078 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45078/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45078/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45078 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for glibc. This fixes multiple vulnerabilities, which potentially can be exploited by malicious, local users to gain escalated privileges and by malicious people to compromise a vulnerable system. For more information: SA43492 SA43976 Note: This update includes a fix for a regression introduced due to an earlier update not properly fixing CVE-2010-3847. SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SU-2011:0701-1: https://hermes.opensuse.org/messages/9036471 SUSE-SU-2011:0704-1: https://hermes.opensuse.org/messages/9037844 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 16:46:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 01:46:51 +0200 Subject: [SEC] [SA45093] Parodia Unspecified SQL Injection Vulnerability Message-ID: <201106282346.p5SNkpdx016005@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Parodia Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA45093 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45093/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45093 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45093/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45093/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45093 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Parodia, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 6.8 and prior. SOLUTION: Update to version 6.809. PROVIDED AND/OR DISCOVERED BY: Carlos Mario Penagos Hollmann, Synapse Information Technology via US-CERT. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/246310 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 17:15:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 02:15:04 +0200 Subject: [SEC] [SA45085] SUSE update for glibc Message-ID: <201106290015.p5T0F41c005259@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for glibc SECUNIA ADVISORY ID: SA45085 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45085/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45085 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45085/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45085/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45085 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for glibc. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to potentially compromise a vulnerable system. For more information: SA42002 SA43492 SA43976 Note: This update includes a fix for a regression introduced due to an earlier update not properly fixing CVE-2010-3847. SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SU-2011:0702-1: https://hermes.opensuse.org/messages/9036470 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 17:47:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 02:47:02 +0200 Subject: [SEC] [SA44916] Trend Micro Data Loss Prevention Management Server Directory Traversal Vulnerability Message-ID: <201106290047.p5T0l2w4027118@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Trend Micro Data Loss Prevention Management Server Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44916 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44916/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44916 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/44916/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44916/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44916 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Trend Micro Data Loss Prevention Management Server, which can be exploited by malicious people to disclose sensitive information. Input appended to the URL after /dsc is not properly verified before being used. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. The vulnerability is reported in version 5.5. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Luis Martinez and Sergio Lopez, White Hat Consultores ORIGINAL ADVISORY: White Hat Consultores: http://www.exploit-db.com/exploits/17388/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 18:11:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 03:11:58 +0200 Subject: [SEC] [SA45065] Novell File Reporter Engine RECORD Element Processing Buffer Overflow Vulnerability Message-ID: <201106290111.p5T1Bw4g016202@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Novell File Reporter Engine RECORD Element Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45065 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45065/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45065 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45065/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45065/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45065 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell File Reporter, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the File Reporter Engine (NFREngine.exe) when parsing certain tags inside a RECORD element. This can be exploited to cause a stack-based buffer overflow via specially crafted packets sent to TCP port 3035. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 1.0.2.53. SOLUTION: Update to version 1.0.2.53. PROVIDED AND/OR DISCOVERED BY: gwslabs via ZDI ORIGINAL ADVISORY: Novell: http://download.novell.com/Download?buildid=leLxi7tQACs~ ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-227/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 18:46:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 03:46:49 +0200 Subject: [SEC] [SA45046] libpng "png_format_buffer()" Denial of Service Vulnerability Message-ID: <201106290146.p5T1kne8005775@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: libpng "png_format_buffer()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45046 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45046/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45046 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45046/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45046/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45046 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in libpng, which can be exploited by malicious people to cause a DoS (Denial of Service) in an application using the library. The vulnerability is caused due to an off-by-one error in the "png_format_buffer()" function in pngerror.c when parsing a PNG image file and can be exploited to cause a crash. This is related to: SA11505 The vulnerability is reported in versions 1.2.23 and later. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://sourceforge.net/mailarchive/forum.php?thread_name=BANLkTikrnU6FJNQYFvwmt78hwpgKPVRd1Q%40mail.gmail.com&forum_name=png-mng-implement OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 19:23:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 04:23:36 +0200 Subject: [SEC] [SA45094] Joomla! Multiple Vulnerabilities Message-ID: <201106290223.p5T2NaBU028351@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Joomla! Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45094 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45094/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45094 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45094/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45094/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45094 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, and bypass certain security restrictions. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified improper error checks can be exploited to disclose certain information. 3) Certain improper permission checks can be exploited to gain unauthorised access. 4) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions 1.6.3 and prior. SOLUTION: Update to version 1.6.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Mesut Timur 2, 4) Aung Khant 3) Mark Dexter ORIGINAL ADVISORY: http://www.joomla.org/announcements/release-news/5374-joomla-164-released.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Jun 28 19:47:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 04:47:14 +0200 Subject: [SEC] [SA45075] SUSE update for libgssglue Message-ID: <201106290247.p5T2lEDC017382@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for libgssglue SECUNIA ADVISORY ID: SA45075 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45075/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45075 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45075/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45075/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45075 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libgssglue. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error when handling the "GSSAPI_MECH_CONF" environment variable during initialization. This can be exploited to load an arbitrary library with escalated privileges when a setuid application (e.g. mount.nfs) uses the library. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0696-1: https://hermes.opensuse.org/messages/8992667 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 10:31:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 19:31:58 +0200 Subject: [SEC] [SA45105] Accela / eAccela BizSearch Search Cross-Site Scripting Vulnerability Message-ID: <201106291731.p5THVwNo017836@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Accela / eAccela BizSearch Search Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45105 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45105/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45105 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45105/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45105/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45105 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Accela / eAccela BizSearch, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input related to the standard search page is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Please see the vendor's advisory for the list of affected versions. SOLUTION: Contact the vendor for patches. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Fujitsu (Japanese): http://software.fujitsu.com/jp/security/products-fujitsu/solution/bizsearch201103.html JVN (English): http://jvndb.jvn.jp/en/contents/2010/JVNDB-2010-002807.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 11:34:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 20:34:19 +0200 Subject: [SEC] [SA45060] Opera Two Vulnerabilities Message-ID: <201106291834.p5TIYJoJ008826@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Opera Two Vulnerabilities SECUNIA ADVISORY ID: SA45060 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45060/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45060 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45060/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45060/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45060 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Opera, where one has an unknown impact and the other can be exploited by malicious people to bypass certain security features. 1) An unspecified error exists. No more information is currently available. 2) An error when handling the "data" URL scheme URIs does not properly enforce the inherited security context, which may allow the URIs to interact with each other and the source page. NOTE: Additionally, a weakness exists when handling invalid URLs, which may result in consumption of all disk space with error pages. The vulnerabilities are reported in versions prior to 11.50. SOLUTION: Update to version 11.50. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) The vendor credits Michal Zalewski, Google Security Team. ORIGINAL ADVISORY: http://www.opera.com/docs/changelogs/windows/1150/ http://www.opera.com/support/kb/view/995/ http://www.opera.com/support/kb/view/996/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 12:33:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 21:33:23 +0200 Subject: [SEC] [SA45068] Sybase Adaptive Server Enterprise Backup Server Format String Vulnerability Message-ID: <201106291933.p5TJXN52032071@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Sybase Adaptive Server Enterprise Backup Server Format String Vulnerability SECUNIA ADVISORY ID: SA45068 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45068/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45068 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45068/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45068/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45068 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Sybase Adaptive Server Enterprise, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to a format string error within the Backup Server component when creating a log message. This can be exploited to cause the process to crash or corrupt memory via a specially crafted packet sent to TCP port 5001. Successful exploitation may allow execution of arbitrary code. NOTE: Exploitation on Windows results in a DoS only. The vulnerability is confirmed in version 15.5 running on Windows. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/sybase_3-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 13:32:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 22:32:05 +0200 Subject: [SEC] [SA45056] Zope Unspecified Unauthorised Access Vulnerability Message-ID: <201106292032.p5TKW5CR022875@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Zope Unspecified Unauthorised Access Vulnerability SECUNIA ADVISORY ID: SA45056 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45056/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45056 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45056/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45056/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45056 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Zope, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to an unspecified error and can be exploited to gain unauthorised access. No further information is currently available. The vulnerability is reported in versions 2.12 and 2.13. SOLUTION: Apply hot fix Zope_Hotfix_20110622 or update to version 2.12.19 or 2.13.8. Please see the vendor's advisory for more information. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Zope: https://mail.zope.org/pipermail/zope-announce/2011-June/002260.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 14:26:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 23:26:47 +0200 Subject: [SEC] [SA45111] Plone Unspecified Unauthorised Access Vulnerability Message-ID: <201106292126.p5TLQlEr013496@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Plone Unspecified Unauthorised Access Vulnerability SECUNIA ADVISORY ID: SA45111 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45111/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45111 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45111/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45111/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45111 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Plone, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to a vulnerable bundled version of Zope. For more information: SA45056 SOLUTION: Apply hot fix Zope_Hotfix_20110622. Please see the vendor's advisory for more information. ORIGINAL ADVISORY: Plone: http://plone.org/products/plone/security/advisories/20110622 http://plone.org/products/plone-hotfix/releases/20110622 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 14:47:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 29 Jun 2011 23:47:58 +0200 Subject: [SEC] [SA45028] Winamp Essentials Pack H263 Content Parsing Vulnerability Message-ID: <201106292147.p5TLlw5G002327@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Winamp Essentials Pack H263 Content Parsing Vulnerability SECUNIA ADVISORY ID: SA45028 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45028/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45028 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45028/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45028/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45028 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in Winamp Essentials Pack, which can be exploited by malicious people to potentially compromise a user's system. The vulnerability is caused due to an error in f263.w5s when parsing the "CustomWidth" and "CustomHeight" fields in H263 video content. This can be exploited to cause a heap-based buffer overflow via a specially crafted FLV file. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 5.6. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: Luigi Auriemma: http://aluigi.altervista.org/adv/winamp_2-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 15:15:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 00:15:25 +0200 Subject: [SEC] [SA45084] Apple Mac OS X update for Java Message-ID: <201106292215.p5TMFPMN024018@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Apple Mac OS X update for Java SECUNIA ADVISORY ID: SA45084 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45084/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45084 RELEASE DATE: 2011-06-29 DISCUSS ADVISORY: http://secunia.com/advisories/45084/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45084/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45084 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has issued an update for Java for Mac OS X. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA44784 SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://support.apple.com/kb/HT4738 http://support.apple.com/kb/HT4739 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 15:47:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 00:47:53 +0200 Subject: [SEC] [SA45096] Red Hat update for ruby Message-ID: <201106292247.p5TMlrhB013491@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Red Hat update for ruby SECUNIA ADVISORY ID: SA45096 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45096/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45096 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45096/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45096/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45096 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for ruby. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA37949 SA41003 SA43420 SA44638 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0908-1: http://rhn.redhat.com/errata/RHSA-2011-0908.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 16:13:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 01:13:17 +0200 Subject: [SEC] [SA45109] Red Hat update for ruby Message-ID: <201106292313.p5TNDHRJ002580@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Red Hat update for ruby SECUNIA ADVISORY ID: SA45109 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45109/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45109 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45109/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45109/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45109 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for ruby. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA37949 SA41003 SA43420 SA43434 SA44638 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0909-1: https://rhn.redhat.com/errata/RHSA-2011-0909.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 16:47:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 01:47:43 +0200 Subject: [SEC] [SA45100] HP OpenView Storage Data Protector Unspecified Code Execution Vulnerabilities Message-ID: <201106292347.p5TNlh5P024590@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: HP OpenView Storage Data Protector Unspecified Code Execution Vulnerabilities SECUNIA ADVISORY ID: SA45100 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45100/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45100 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45100/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45100/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45100 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in HP OpenView Storage Data Protector, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to unspecified errors. No further information is currently available. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in versions 6.0, 6.10, 6.11, and 6.20 running on Windows. SOLUTION: As a workaround the vendor recommends to update to version A.06.20 or later and enable encrypted control communication services (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Nahuel C. Riva and Oren Isacson, Core Security Technologies. ORIGINAL ADVISORY: HPSBMU02686 SSRT100541: http://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02872182 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 17:15:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 02:15:26 +0200 Subject: [SEC] [SA45110] Red Hat update for ruby Message-ID: <201106300015.p5U0FQnV013833@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Red Hat update for ruby SECUNIA ADVISORY ID: SA45110 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45110/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45110 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45110/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45110/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45110 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for ruby. This fixes a security issue and two vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA43420 SA43434 SA44638 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:0910-1: https://rhn.redhat.com/errata/RHSA-2011-0910.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 17:47:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 02:47:49 +0200 Subject: [SEC] [SA45101] Ashampoo 3D CAD Professional ViewControl ActiveX Control "SaveData()" Insecure Method Message-ID: <201106300047.p5U0ln10003286@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Ashampoo 3D CAD Professional ViewControl ActiveX Control "SaveData()" Insecure Method SECUNIA ADVISORY ID: SA45101 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45101/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45101 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45101/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45101/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45101 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in Ashampoo 3D CAD Professional, which can be exploited by malicious people to manipulate certain data and compromise a user's system. The vulnerability is caused due to the ViewControl ActiveX control (CyViewer.ocx) providing an insecure "SaveData()" method, which allows to create or overwrite arbitrary files with controlled content. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.0.1.7 (CyViewer.ocx 1.0.6.5). Other versions may also be affected. SOLUTION: Set the kill-bit for the ActiveX control. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23019: http://www.htbridge.ch/advisory/ashampoo_3d_cad_professional_3_activex_control_insecure_method.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 18:12:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 03:12:45 +0200 Subject: [SEC] [SA45095] SUSE update for Xen Message-ID: <201106300112.p5U1Cj2t024798@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for Xen SECUNIA ADVISORY ID: SA45095 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45095/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45095 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45095/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45095/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45095 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for Xen. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service). For more information: SA43803 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0707-1: https://hermes.opensuse.org/messages/9051370 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 18:47:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 03:47:51 +0200 Subject: [SEC] [SA45097] Google Chrome Multiple Vulnerabilities Message-ID: <201106300147.p5U1lppW014419@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45097 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45097/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45097 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45097/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45097/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45097 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome where some have unknown impacts and others can be exploited by malicious people to compromise a user's system. 1) An error when handling a NPAPI string can be exploited to cause an out-of-bounds read. 2) A use-after-free error exists when handling SVG fonts. 3) An unspecified error when parsing CSS content can be exploited to corrupt memory. 4) An unspecified error related to lifetime and re-entrancy exists within the HTML parser. 5) A boundary error exists within v8. 6) A use-after-free error exists when handling a SVG use element. 7) A use-after-free error exists when handling certain text selection. SOLUTION: Update to version 12.0.742.112. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Philippe Arteau 2 - 4, 6, 7) miaubiz 5) Aki Helin, OUSPG ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.com/2011/06/stable-channel-update_28.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 19:16:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 04:16:22 +0200 Subject: [SEC] [SA45102] FlatPress Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201106300216.p5U2GM1v004128@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: FlatPress Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45102 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45102/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45102 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45102/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45102/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45102 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in FlatPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "name", "email", and "url" POST parameters to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 0.1010.1. Prior versions may also be affected. SOLUTION: Update to version 0.1010.2. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23022: http://www.htbridge.ch/advisory/xss_in_flatpress.html http://flatpress.org/vanilla2/discussion/1425/flatpress-security-vulnerability-notification/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 19:46:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 04:46:24 +0200 Subject: [SEC] [SA45108] ALZip MIM File Processing Buffer Overflow Vulnerability Message-ID: <201106300246.p5U2kOnq025913@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: ALZip MIM File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA45108 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45108/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45108 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45108/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45108/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45108 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ALZip, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing MIM files and can be exploited to cause a buffer overflow via a specially crafted file. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 8.21 published prior to June 29th, 2011. SOLUTION: Update to version 8.21 published after June 29th, 2011. PROVIDED AND/OR DISCOVERED BY: JVN credits Takahiko Funakubo, Fourteenforty Research Institute ORIGINAL ADVISORY: ALZip (Japanese): http://www.altools.jp/ETC/NEWS.aspx?mid=231&vidx=118 JVN (English): http://jvn.jp/en/jp/JVN01547302/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000048.html JVN (Japanese): http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000048.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Jun 29 20:12:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 05:12:33 +0200 Subject: [SEC] [SA44890] RSLinx OPC Automation ActiveX Control Buffer Overflow Vulnerability Message-ID: <201106300312.p5U3CXmd015057@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: RSLinx OPC Automation ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44890 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44890/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44890 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/44890/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44890/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44890 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered a vulnerability in RSLinx, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the OPC Automation ActiveX control ("RsiOPCAuto.OPCServer") when creating debug strings. This can be exploited to cause a stack-based buffer overflow via an overly long string passed e.g. in the "ProgID" parameter to the "Connect()" method. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in versions prior to 2.55 (confirmed in 2.3.1 Build 10 RsiOPCAuto.dll version 1.1.8.0). SOLUTION: Update to version 2.55 or apply patch (scheduled for July 2011). PROVIDED AND/OR DISCOVERED BY: Dmitriy Pletnev, Secunia Research. ORIGINAL ADVISORY: Rockwell Automation: http://rockwellautomation.custhelp.com/app/answers/detail/a_id/448266 Secunia Research: http://secunia.com/secunia_research/2011-50/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 10:51:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 19:51:04 +0200 Subject: [SEC] [SA45081] Drupal Node Access Security Bypass Vulnerability Message-ID: <201106301751.p5UHp43T019383@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Drupal Node Access Security Bypass Vulnerability SECUNIA ADVISORY ID: SA45081 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45081/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45081 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45081/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45081/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45081 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Drupal, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to the node_access system restrictions not being enforced and can be exploited to view otherwise restricted nodes. NOTE: This affects the taxonomy and forum subsystems. The vulnerability is reported in versions 7.0, 7.1, and 7.2. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Sascha Grossenbacher, Khaled Alhourani, and Ben Ford. ORIGINAL ADVISORY: DRUPAL-SA-CORE-2011-002: http://drupal.org/node/1204582 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 10:51:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 19:51:01 +0200 Subject: [SEC] [SA45034] SAP NetWeaver SAPTerm Hardcoded Credentials User Creation Weakness Message-ID: <201106301751.p5UHp173019292@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SAP NetWeaver SAPTerm Hardcoded Credentials User Creation Weakness SECUNIA ADVISORY ID: SA45034 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45034/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45034 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45034/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45034/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45034 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in SAP NetWeaver, which can be exploited by malicious users to manipulate certain data. The weakness is caused due to an error when running certain reports, which can be exploited to create a SAPTerm user with hardcoded credentials by tricking the system administrator into running a report. The weakness is reported in the following components: * SAP Basis versions 620 through 640. * SAP Basis versions 700 through 702. * SAP Basis versions 710 through 730. * SAP Basis versions 72L through 800. SOLUTION: Apply fixes (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Julius von dem Bussche, Xiting AG. ORIGINAL ADVISORY: SAP: https://service.sap.com/sap/support/notes/1542645 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 11:37:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 20:37:14 +0200 Subject: [SEC] [SA45099] WordPress Unauthorized Access Vulnerability Message-ID: <201106301837.p5UIbESV009930@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: WordPress Unauthorized Access Vulnerability SECUNIA ADVISORY ID: SA45099 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45099/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45099 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45099/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45099/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45099 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in WordPress, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to an unspecified error, which can be exploited to gain further access to the site. Successful exploitation requires the "Editor" role. The vulnerability is reported in WordPress versions 3.1.3 and prior. SOLUTION: Update to version 3.1.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits K. Gudinavicius, SEC Consult. ORIGINAL ADVISORY: http://wordpress.org/news/2011/06/wordpress-3-1-4/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 12:34:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 21:34:13 +0200 Subject: [SEC] [SA45086] Wireshark Lucent/Ascend File Parser Denial of Service Vulnerability Message-ID: <201106301934.p5UJYDYc000622@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Wireshark Lucent/Ascend File Parser Denial of Service Vulnerability SECUNIA ADVISORY ID: SA45086 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45086/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45086 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45086/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45086/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45086 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the Lucent/Ascend file parser and can be exploited to cause an infinite loop via specially crafted packets. The vulnerability is reported in versions 1.2.0 through 1.2.17, 1.4.0 through 1.4.7, and 1.6.0. SOLUTION: Update to version 1.2.18. The 1.4.x and 1.6.x branches currently do not have a fix. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.wireshark.org/security/wnpa-sec-2011-09.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 13:35:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 22:35:55 +0200 Subject: [SEC] [SA44998] Cachelogic Expired Domains Script Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201106302035.p5UKZt9t024028@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Cachelogic Expired Domains Script Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA44998 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44998/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44998 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/44998/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44998/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44998 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Brendan Coles has reported multiple vulnerabilities in Cachelogic Expired Domains Script, which can be exploited by malicious people to conduct cross-site scripting attacks and SQL injection attacks. 1) Input passed via the "name" and "ext" parameters to stats.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "ncharacter" parameter to index.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 1. Other versions may also be affected. SOLUTION: Apply patch. Contact vendor for more information. PROVIDED AND/OR DISCOVERED BY: Brendan Coles ORIGINAL ADVISORY: http://itsecuritysolutions.org/2011-03-24_Cachelogic_Expired_Domains_Script_1.0_multiple_security_vulnerabilities/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 14:28:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 23:28:03 +0200 Subject: [SEC] [SA45083] Joomla! Newsletter Subscriber Plugin "name" and "email" Cross-Site Scripting Vulnerabilities Message-ID: <201106302128.p5ULS3FZ014499@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Joomla! Newsletter Subscriber Plugin "name" and "email" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA45083 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45083/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45083 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45083/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45083/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45083 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the Newsletter Subscriber plugin for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "name" and "email" POST parameter to index.php when viewing pages using the plugin is not properly sanitised in newsletter_subscriber.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 1.3 for Joomla! 1.5 and confirmed in version 1.2 for Joomla! 1.6. Prior versions may also be affected. SOLUTION: Update to version 1.3 for Joomla! 1.5 (released June 28th, 2011) or version 1.2 for Joomla! 1.6 (released June 29th, 2011). PROVIDED AND/OR DISCOVERED BY: Reported by the Joomla! VEL team. ORIGINAL ADVISORY: http://docs.joomla.org/Vulnerable_Extensions_List#Newsletter_Subscriber OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 14:47:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 30 Jun 2011 23:47:56 +0200 Subject: [SEC] [SA45106] IBM Products PageBuilder2 Theme Cross-Site Scripting Vulnerability Message-ID: <201106302147.p5ULluxA003328@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: IBM Products PageBuilder2 Theme Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA45106 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45106/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45106 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45106/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45106/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45106 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere Portal and IBM Lotus Web Content Management, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input related to the PageBuilder2 theme is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in: * IBM WebSphere Portal version 7.0 * IBM Lotus Web Content Management version 7.0.0.1 SOLUTION: Apply the Combined Cumulative Fix 006 when it becomes available. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21503959 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 15:14:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Jul 2011 00:14:13 +0200 Subject: [SEC] [SA45116] Ubuntu update for linux-mvl-dove Message-ID: <201106302214.p5UMEDOB024924@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-mvl-dove SECUNIA ADVISORY ID: SA45116 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45116/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45116 RELEASE DATE: 2011-06-30 DISCUSS ADVISORY: http://secunia.com/advisories/45116/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45116/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45116 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-mvl-dove. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS. For more information: SA38499 SA42684 SA43009 SA43358 SA43569 SA43594 SA43693 SA43716 SA43806 SA43966 SA44164 SA44220 SA44248 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1162-1: http://www.ubuntu.com/usn/usn-1162-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 15:47:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Jul 2011 00:47:48 +0200 Subject: [SEC] [SA45122] Fedora update for syslog-ng Message-ID: <201106302247.p5UMlmcE014436@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Fedora update for syslog-ng SECUNIA ADVISORY ID: SA45122 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45122/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45122 RELEASE DATE: 2011-07-01 DISCUSS ADVISORY: http://secunia.com/advisories/45122/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45122/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45122 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for syslog-ng. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44527 SOLUTION: Apply updated packages via the yum utility ("yum update syslog-ng"). ORIGINAL ADVISORY: FEDORA-2011-8405: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062107.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 16:13:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Jul 2011 01:13:47 +0200 Subject: [SEC] [SA45062] Debian update for php5 Message-ID: <201106302313.p5UNDla8003567@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Debian update for php5 SECUNIA ADVISORY ID: SA45062 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45062/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45062 RELEASE DATE: 2011-07-01 DISCUSS ADVISORY: http://secunia.com/advisories/45062/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45062/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45062 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for php5. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious people to disclose system and potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA40268 SA43328 SA43621 SA44874 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2266-1: http://lists.debian.org/debian-security-announce/2011/msg00137.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 16:48:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Jul 2011 01:48:57 +0200 Subject: [SEC] [SA45124] SUSE update for kernel Message-ID: <201106302348.p5UNmvpK025602@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA45124 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45124/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45124 RELEASE DATE: 2011-07-01 DISCUSS ADVISORY: http://secunia.com/advisories/45124/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45124/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45124 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain sensitive and system information, bypass certain security restrictions, conduct session hijacking attacks, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA39080 SA41493 SA43576 SA43716 SA43806 SA43846 SA43841 SA44164 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0711-1: https://hermes.opensuse.org/messages/9067444 SUSE-SA:2011:027: http://lists.opensuse.org/opensuse-security-announce/2011-06/msg00016.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 17:15:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Jul 2011 02:15:57 +0200 Subject: [SEC] [SA45107] IBM Tivoli Directory Server Log File Information Disclosure Security Issue Message-ID: <201107010015.p610FvYr014809@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: IBM Tivoli Directory Server Log File Information Disclosure Security Issue SECUNIA ADVISORY ID: SA45107 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45107/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45107 RELEASE DATE: 2011-07-01 DISCUSS ADVISORY: http://secunia.com/advisories/45107/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45107/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45107 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in IBM Tivoli Directory Server, which can be exploited by malicious people to disclose potentially sensitive information. The security issue is caused due to the Web Administration Tool not restricting access to certain log files. The security issue is reported in version 6.2.0.3. SOLUTION: Apply interim fix 6.2.0.3-TIV-ITDS-IF0004. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IO14060): http://www.ibm.com/support/docview.wss?uid=swg24030320 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 17:48:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Jul 2011 02:48:01 +0200 Subject: [SEC] [SA45120] Fedora update for ejabberd Message-ID: <201107010048.p610m1Od004252@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: Fedora update for ejabberd SECUNIA ADVISORY ID: SA45120 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45120/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45120 RELEASE DATE: 2011-07-01 DISCUSS ADVISORY: http://secunia.com/advisories/45120/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45120/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45120 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for ejabberd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44807 SOLUTION: Apply updated packages via the yum utility ("yum update ejabberd"). ORIGINAL ADVISORY: FEDORA-2011-8437: http://lists.fedoraproject.org/pipermail/package-announce/2011-June/062145.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Jun 30 18:13:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 1 Jul 2011 03:13:01 +0200 Subject: [SEC] [SA44988] libvirt "virDomainGetVcpus()" Integer Overflow Vulnerability Message-ID: <201107010113.p611D1UN025766@CRON-IX-2.intnet> ---------------------------------------------------------------------- Frost & Sullivan 2011 Report: Secunia Vulnerability Research \"Frost & Sullivan believes that Secunia continues to be a major player in the vulnerability research market due to its diversity of products that provide best-in-class coverage, quality, and usability.\" This is just one of the key factors that influenced Frost & Sullivan to select Secunia over other companies. Read the report here: http://secunia.com/products/corporate/vim/fs_request_2011/ ---------------------------------------------------------------------- TITLE: libvirt "virDomainGetVcpus()" Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA44988 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44988/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44988 RELEASE DATE: 2011-07-01 DISCUSS ADVISORY: http://secunia.com/advisories/44988/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44988/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44988 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in libvirt, which can be exploited by malicious users to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an integer overflow error in the "virDomainGetVcpus()" function in src/libvirt.c. This can be exploited to cause the daemon to crash or corrupt memory via a specially crafted request sent to e.g. TCP port 16509. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 0.9.2. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://www.redhat.com/archives/libvir-list/2011-June/msg01278.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ----------------------------------------------------------------------