From sec-adv at secunia.com Mon May 2 10:32:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 May 2011 19:32:40 +0200 Subject: [SEC] [SA44439] LDAP Account Manager "selfserviceSaveOk" Cross-Site Scripting Vulnerability Message-ID: <201105021732.p42HWe6A004952@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: LDAP Account Manager "selfserviceSaveOk" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44439 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44439/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44439 RELEASE DATE: 2011-05-02 DISCUSS ADVISORY: http://secunia.com/advisories/44439/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44439/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44439 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in LDAP Account Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "selfserviceSaveOk" parameter to templates/login.php is not properly sanitised in lib/status.inc before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.4.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/LDAP-Account-Manager-3.4.0-Reflected-Cross-site-Scripting-193 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 11:33:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 May 2011 20:33:39 +0200 Subject: [SEC] [SA44387] SSSD Automatic Ticket Renewal Credentials Cache File Security Issue Message-ID: <201105021833.p42IXdhQ027903@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SSSD Automatic Ticket Renewal Credentials Cache File Security Issue SECUNIA ADVISORY ID: SA44387 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44387/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44387 RELEASE DATE: 2011-05-02 DISCUSS ADVISORY: http://secunia.com/advisories/44387/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44387/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44387 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in SSSD, which can be exploited by malicious people to hijack another user's account. The security issue is caused due to the automatic ticket renewal service setting the credential cache path as the user's cached credentials, which can be exploited to log in as another user by determining or predicting the name of the other user's cache file. Successful exploitation requires that the automatic ticket renewal option and offline authentication are enabled, the SSSD daemon is authenticating in offline mode, and a renewal operation for the victim user has been performed without any further authentication from the victim user taking place. Note: Remote attackers may only be able to predict the filename if the "mkstemp()" suffix has been removed from the "krb5_ccache_template" SSSD configuration option. The vulnerability is reported in versions 1.5.0 to 1.5.7. SOLUTION: Update to version 1.5.7. PROVIDED AND/OR DISCOVERED BY: The vendor credits Marko Myllynen, Red Hat. ORIGINAL ADVISORY: https://fedorahosted.org/sssd/wiki/Releases/Notes-1.5.7 https://fedorahosted.org/sssd/ticket/856 http://git.fedorahosted.org/git/?p=sssd.git;a=commitdiff;h=fffdae81651b460f3d2c119c56d5caa09b4de42a OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 12:31:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 May 2011 21:31:57 +0200 Subject: [SEC] [SA44446] Oracle Solaris Mozilla Thunderbird Multiple Vulnerabilities Message-ID: <201105021931.p42JVv5C018334@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Mozilla Thunderbird Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44446 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44446/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44446 RELEASE DATE: 2011-05-02 DISCUSS ADVISORY: http://secunia.com/advisories/44446/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44446/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44446 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged some vulnerabilities in Mozilla Thunderbird included in Solaris, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security restrictions, conduct cross-site scripting attacks, and potentially compromise a user's system. For more information: SA41244 SA41304 SA41890 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_mozilla_thunderbird1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 13:31:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 May 2011 22:31:49 +0200 Subject: [SEC] [SA44443] Oracle Solaris Apache HTTP Server Multiple Vulnerabilities Message-ID: <201105022031.p42KVnQM008814@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Apache HTTP Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44443 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44443/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44443 RELEASE DATE: 2011-05-02 DISCUSS ADVISORY: http://secunia.com/advisories/44443/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44443/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44443 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged some vulnerabilities in Apache HTTP Server included in Solaris and OpenSolaris, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions, manipulate certain data, gain access to potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA35261 SA35781 SA36549 SA36675 SA37291 SA38776 SA40206 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/multiple_vulnerabilities_in_the_apache OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 14:25:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 May 2011 23:25:52 +0200 Subject: [SEC] [SA44448] Oracle Solaris OpenSSL Ciphersuite Downgrade Vulnerability Message-ID: <201105022125.p42LPqk4031444@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris OpenSSL Ciphersuite Downgrade Vulnerability SECUNIA ADVISORY ID: SA44448 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44448/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44448 RELEASE DATE: 2011-05-02 DISCUSS ADVISORY: http://secunia.com/advisories/44448/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44448/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44448 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in OpenSSL included in Solaris, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA42473 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2010_4180_affects_openssl OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 14:47:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 2 May 2011 23:47:02 +0200 Subject: [SEC] [SA44445] Oracle Solaris Apache APR-util Multiple Vulnerabilities Message-ID: <201105022147.p42Ll2lC020207@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Apache APR-util Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44445 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44445/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44445 RELEASE DATE: 2011-05-02 DISCUSS ADVISORY: http://secunia.com/advisories/44445/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44445/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44445 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged some vulnerabilities in Apache APR-util included in Solaris, which can be exploited by malicious users and malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). For more information: SA35284 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2009_1955_resource_management http://blogs.sun.com/security/entry/cve_2009_1956_numeric_errors http://blogs.sun.com/security/entry/cve_2009_0023_buffer_overflow OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 15:12:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 00:12:16 +0200 Subject: [SEC] [SA44444] Oracle Solaris Apache APR-util Integer Overflow Vulnerabilities Message-ID: <201105022212.p42MCGvY009156@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Apache APR-util Integer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA44444 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44444/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44444 RELEASE DATE: 2011-05-02 DISCUSS ADVISORY: http://secunia.com/advisories/44444/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44444/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44444 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged some vulnerabilities in Apache APR-util included in Solaris, which can potentially be exploited by malicious people to compromise an application using the library. For more information see vulnerability #1 in: SA36138 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2010_0740_record_of OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 15:46:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 00:46:38 +0200 Subject: [SEC] [SA44447] Oracle Solaris CGI.pm "header()" HTTP Header Injection Vulnerability Message-ID: <201105022246.p42Mkcfg030882@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Oracle Solaris CGI.pm "header()" HTTP Header Injection Vulnerability SECUNIA ADVISORY ID: SA44447 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44447/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44447 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44447/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44447/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44447 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged some vulnerabilities in CGI.pm included in Solaris, which can be exploited by malicious people to conduct HTTP response splitting attacks in an application using the library. For more information: SA42461 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: http://blogs.sun.com/security/entry/cve_2010_2761_cve_2010 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 16:12:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 01:12:55 +0200 Subject: [SEC] [SA44424] Fedora update for mediawiki Message-ID: <201105022312.p42NCt6X019881@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for mediawiki SECUNIA ADVISORY ID: SA44424 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44424/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44424 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44424/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44424/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44424 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mediawiki. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions, disclose potentially sensitive information, and conduct cross-site scripting and request forgery attacks. For more information: SA40740 SA42810 SA43142 SA44142 SOLUTION: Apply updated packages via the yum utility ("yum update mediawiki"). ORIGINAL ADVISORY: FEDORA-2011-5807: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059235.html FEDORA-2011-5812: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059232.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 16:46:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 01:46:49 +0200 Subject: [SEC] [SA44401] Ubuntu update for xulrunner Message-ID: <201105022346.p42Nknl4009203@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for xulrunner SECUNIA ADVISORY ID: SA44401 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44401/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44401 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44401/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44401/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44401 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct spoofing attacks, cross-site request forgery attacks, disclose sensitive information, and compromise a user's system. For more information: SA42517 SA43550 SA44357 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1123-1: http://www.ubuntu.com/usn/usn-1123-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 17:14:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 02:14:34 +0200 Subject: [SEC] [SA44405] Ubuntu update for php Message-ID: <201105030014.p430EYdk030653@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for php SECUNIA ADVISORY ID: SA44405 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44405/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44405 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44405/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44405/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44405 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for php. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA41724 SA43328 SA43449 SA43533 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1126-1: http://www.ubuntu.com/usn/usn-1126-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 17:46:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 02:46:55 +0200 Subject: [SEC] [SA44404] Ubuntu update for firefox and xulrunner Message-ID: <201105030046.p430ktiw019909@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for firefox and xulrunner SECUNIA ADVISORY ID: SA44404 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44404/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44404 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44404/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44404/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44404 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1112-1: http://www.ubuntu.com/usn/usn-1112-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 18:11:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 03:11:58 +0200 Subject: [SEC] [SA44440] FrontAccounting Cross-Site Request Forgery Vulnerability Message-ID: <201105030111.p431BwRT008858@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: FrontAccounting Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44440 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44440/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44440 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44440/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44440/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44440 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in FrontAccounting, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site. The vulnerability is confirmed in version 2.3.4. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/Front-Accounting-2.3.4-Cross-site-Request-Forgery-191 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 18:47:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 03:47:24 +0200 Subject: [SEC] [SA44337] 360 Web Manager Multiple Vulnerabilities Message-ID: <201105030147.p431lOkc030632@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: 360 Web Manager Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44337 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44337/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44337 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44337/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44337/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44337 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ignacio Garrido has reported multiple vulnerabilities in 360 Web Manager, which can be exploited by malicious people to disclose sensitive information, delete files on an affected system, and compromise a vulnerable system. 1) Input passed via an unspecified parameter to adm/barra/assetmanager/assetmanager.php is not properly verified before being used. This can be exploited to list or delete arbitrary files via directory traversal attacks. 2) The vulnerability is caused due to the adm/barra/assetmanager/assetmanager.php script improperly verifying uploaded files. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script with multiple extensions. NOTE: Additionally, a weakness exists due to the adm/barra/assetmanager/assetmanager.php script disclosing path information in the source code of the generated HTML. The vulnerability is reported in version 3.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Ignacio Garrido OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 19:17:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 04:17:33 +0200 Subject: [SEC] [SA44442] SUSE update for kernel Message-ID: <201105030217.p432HXoo020253@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA44442 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44442/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44442 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44442/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44442/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44442 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS, and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA39080 SA42126 SA43009 SA43594 SA43806 SA43841 SA43846 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SA:2011:019: http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00006.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 19:45:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 04:45:48 +0200 Subject: [SEC] [SA44438] Tine 2.0 "file" Cross-Site Scripting Vulnerability Message-ID: <201105030245.p432jmQg009332@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Tine 2.0 "file" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44438 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44438/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44438 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44438/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44438/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44438 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Tine 2.0, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "file" parameter in library/vcardphp/vbook.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/Tine-2.0-Reflected-Cross-site-Scripting-194 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 20:11:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 05:11:10 +0200 Subject: [SEC] [SA44437] Time and Expense Management System Multiple Vulnerabilities Message-ID: <201105030311.p433BAAZ030676@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Time and Expense Management System Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44437 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44437/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44437 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44437/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44437/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44437 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered multiple vulnerabilities in Time and Expense Management System, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. 1) Input passed via the "form" parameter to lookup.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "DB_Admin_id" and "DB_Admin_Password" parameters to systemadmin/BackupData.php (when "toFile" is set) is not properly sanitised before being used. This can be exploited to inject and execute arbitrary shell commands. 3) The "processIncomingFormData()" function in systemadmin/Edit.php does not properly validate uploaded file types, which can be exploited to execute arbitrary PHP code by uploading a PHP file. The vulnerabilities are confirmed in version 1.6.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. Restrict access to the systemadmin directory (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/Time-and-Expense-Management-System-Reflected-Cross-site-Scripting-195 http://www.autosectools.com/Advisory/Time-and-Expense-Management-System-Command-Injection-196 http://www.autosectools.com/Advisory/Time-and-Expense-Management-System-Arbitrary-Upload-197 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 20:45:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 05:45:45 +0200 Subject: [SEC] [SA44398] Debian update for iceweasel Message-ID: <201105030345.p433jjjK020032@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for iceweasel SECUNIA ADVISORY ID: SA44398 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44398/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44398 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44398/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44398/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44398 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for iceweasel. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2228-1: http://lists.debian.org/debian-security-announce/2011/msg00097.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 21:11:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 06:11:32 +0200 Subject: [SEC] [SA44397] Debian update for spip Message-ID: <201105030411.p434BWh7008999@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for spip SECUNIA ADVISORY ID: SA44397 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44397/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44397 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44397/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44397/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44397 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for spip. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA44147 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2229-1: http://lists.debian.org/debian-security-announce/2011/msg00098.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 21:46:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 06:46:16 +0200 Subject: [SEC] [SA44393] Debian update for qemu-kvm Message-ID: <201105030446.p434kGv6030753@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for qemu-kvm SECUNIA ADVISORY ID: SA44393 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44393/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44393 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44393/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44393/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44393 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for qemu-kvm. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users in a guest system to cause a DoS (Denial of Service) and potentially gain escalated privilege and by malicious people to bypass certain security restrictions. For more information: SA42830 SA44132 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2230-1: http://lists.debian.org/debian-security-announce/2011/msg00099.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 2 22:11:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 07:11:41 +0200 Subject: [SEC] [SA44441] Interbase XE "connect" Request Parsing Buffer Overflow Vulnerability Message-ID: <201105030511.p435BfKn019723@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Interbase XE "connect" Request Parsing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44441 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44441/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44441 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44441/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44441/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44441 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Interbase XE, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error within the database service when parsing the "connect" (0x01) request. This can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to TCP port 3050. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 10.0.2 (Update 2). SOLUTION: Update to version 10.0.2 (Update 2). Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: An anonymous person via ZDI. ORIGINAL ADVISORY: Embarcadero: http://docs.embarcadero.com/products/interbase/IBXEUpdate2/readme.html ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-153/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 10:32:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 19:32:34 +0200 Subject: [SEC] [SA44388] libmodplug ABC File Processing Buffer Overflow Vulnerabilities Message-ID: <201105031732.p43HWYO3008421@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: libmodplug ABC File Processing Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA44388 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44388/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44388 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44388/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44388/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44388 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in libmodplug, which can be exploited by malicious people to compromise an application using the library. The vulnerabilities are caused due to boundary errors within the "abc_new_macro()" and "abc_new_umacro()" functions in src/load_abc.cpp, which can be exploited to cause stack-based buffer overflows by tricking a user into opening specially crafted ABC files. The vulnerabilities are confirmed in version 0.8.8.2. Other versions may also be affected. SOLUTION: Do not open untrusted files in an application using the library. PROVIDED AND/OR DISCOVERED BY: epiphant ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17222/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 11:32:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 20:32:54 +0200 Subject: [SEC] [SA44412] VLC Media Player libmodplug Buffer Overflow Vulnerabilities Message-ID: <201105031832.p43IWs2X031326@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: VLC Media Player libmodplug Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA44412 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44412/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44412 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44412/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44412/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44412 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in VLC Media Player, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to the application using a vulnerable version of the libmodplug library. For more information: SA44388 Note: This may only affect the precompiled versions. The vulnerabilities are confirmed in version 1.1.9 for Windows. Other versions may also be affected. SOLUTION: Do not open untrusted files. PROVIDED AND/OR DISCOVERED BY: epiphant OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 12:33:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 21:33:44 +0200 Subject: [SEC] [SA44395] WordPress Magazeen Theme Multiple Vulnerabilities Message-ID: <201105031933.p43JXi04021866@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress Magazeen Theme Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44395 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44395/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44395 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44395/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44395/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44395 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two security issues and two vulnerabilities have been discovered in the Magazeen theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). The security issues and vulnerabilities are caused due to a bundled, vulnerable version of TimThumb. For more information: SA44126 The vulnerabilities are confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: MustLive ORIGINAL ADVISORY: http://websecurity.com.ua/5120/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 13:31:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 22:31:05 +0200 Subject: [SEC] [SA44410] Ubuntu update for vino Message-ID: <201105032031.p43KV59J012237@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for vino SECUNIA ADVISORY ID: SA44410 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44410/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44410 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44410/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44410/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44410 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for vino. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA44463 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1128-1: http://www.ubuntu.com/usn/usn-1128-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 14:26:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 23:26:21 +0200 Subject: [SEC] [SA44420] DirectAdmin "mysql_backups" Insecure Folder Permissions Security Issue Message-ID: <201105032126.p43LQLKt002471@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: DirectAdmin "mysql_backups" Insecure Folder Permissions Security Issue SECUNIA ADVISORY ID: SA44420 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44420/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44420 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44420/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44420/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44420 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Pouya Daneshmand has reported a security issue in DirectAdmin, which can be exploited by malicious, local users to gain access to sensitive information. The security issue is caused due to MySQL database backup files being created in the world-readable "mysql_backups" folder. This can be exploited to disclose MySQL database backup content. Successful exploitation requires CustomBuild being used to update the MySQL database and "mysql_backup" set to "yes". The security issue is reported in versions prior to 1.38.1. SOLUTION: Update to version 1.38.1. PROVIDED AND/OR DISCOVERED BY: Pouya Daneshmand ORIGINAL ADVISORY: DirectAdmin Feature#1209: http://www.directadmin.com/features.php?id=1209 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 14:49:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 3 May 2011 23:49:03 +0200 Subject: [SEC] [SA44419] Adobe Photoshop Unspecified Vulnerabilities Message-ID: <201105032149.p43Ln3Db023741@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Adobe Photoshop Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA44419 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44419/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44419 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44419/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44419/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44419 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities with an unknown impact have been reported in Adobe Photoshop. The vulnerabilities are caused due to unspecified errors. No further information is currently available. The vulnerabilities are reported in versions prior to CS5 12.0.4. SOLUTION: Update to version CS5 12.0.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.adobe.com/support/downloads/detail.jsp?ftpID=4973 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 15:14:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 00:14:38 +0200 Subject: [SEC] [SA44413] Ubuntu update for usb-creator Message-ID: <201105032214.p43MEcPs012702@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for usb-creator SECUNIA ADVISORY ID: SA44413 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44413/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44413 RELEASE DATE: 2011-05-03 DISCUSS ADVISORY: http://secunia.com/advisories/44413/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44413/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44413 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for usb-creator. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the "UnmountFile" method not being protected by PolicyKit, which can be exploited to unmount an arbitrary filesystem. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1127-1: http://www.ubuntu.com/usn/usn-1127-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 15:47:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 00:47:07 +0200 Subject: [SEC] [SA44389] DirectAdmin Hard Link Privilege Escalation Security Issue Message-ID: <201105032247.p43Ml7fi001888@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: DirectAdmin Hard Link Privilege Escalation Security Issue SECUNIA ADVISORY ID: SA44389 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44389/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44389 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44389/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44389/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44389 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in DirectAdmin, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to an improper check for certain hard links when creating backups and can be exploited to e.g. manipulate certain files through hard link attacks. The security issue is reported in versions prior to 1.382. SOLUTION: Update to version 1.382. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: DirectAdmin Feature#1205: http://www.directadmin.com/features.php?id=1205 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 16:13:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 01:13:29 +0200 Subject: [SEC] [SA44463] Vino Framebuffer Update Handling Denial of Service Vulnerability Message-ID: <201105032313.p43NDTSa023343@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Vino Framebuffer Update Handling Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44463 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44463/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44463 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44463/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44463/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44463 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Vino, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "rfbSendFramebufferUpdate()" function in server/libvncserver/rfbserver.c when handling client framebuffer update requests. This can be exploited to cause a crash via a specially crafted framebuffer update request packet. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by Kevin in a GNOME bug. ORIGINAL ADVISORY: https://bugzilla.gnome.org/show_bug.cgi?id=641802 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 16:48:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 01:48:06 +0200 Subject: [SEC] [SA44414] Cyrus IMAP Server "STARTTLS" Plaintext Injection Vulnerability Message-ID: <201105032348.p43Nm6bE012712@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Cyrus IMAP Server "STARTTLS" Plaintext Injection Vulnerability SECUNIA ADVISORY ID: SA44414 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44414/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44414 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44414/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44414/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44414 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cyrus IMAP Server, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to the TLS implementation not properly clearing transport layer buffers when upgrading from plaintext to ciphertext after receiving the "STARTTLS" command. This can be exploited to insert arbitrary plaintext data (e.g. SMTP commands) during the plaintext phase, which will then be executed after upgrading to the TLS ciphertext phase. The vulnerability is reported in versions prior to 2.4.7. SOLUTION: Update to version 2.4.7. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://cyrusimap.org/mediawiki/index.php/Bugs_Resolved_in_2.4.7 http://bugzilla.cyrusimap.org/show_bug.cgi?id=3424 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 17:15:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 02:15:51 +0200 Subject: [SEC] [SA44459] Red Hat update for libvirt Message-ID: <201105040015.p440Fpc2001691@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for libvirt SECUNIA ADVISORY ID: SA44459 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44459/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44459 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44459/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44459/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44459 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for libvirt. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #2 in: SA43670 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0479-1: https://rhn.redhat.com/errata/RHSA-2011-0479.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 17:46:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 02:46:59 +0200 Subject: [SEC] [SA44436] Red Hat update for gstreamer-plugins Message-ID: <201105040046.p440kxJC023335@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for gstreamer-plugins SECUNIA ADVISORY ID: SA44436 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44436/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44436 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44436/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44436/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44436 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for gstreamer-plugins. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA21418 SA44054 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0477-1: https://rhn.redhat.com/errata/RHSA-2011-0477.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 18:10:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 03:10:57 +0200 Subject: [SEC] [SA44462] IBM InfoSphere Information Server Java Double Literal Denial of Service Vulnerability Message-ID: <201105040110.p441AvPt012230@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IBM InfoSphere Information Server Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44462 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44462/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44462 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44462/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44462/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44462 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in IBM InfoSphere Information Server, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA43262 The vulnerability is reported in versions 8.5, 8.1, and 8.0. SOLUTION: Apply patches. Please see the vendor's advisory for more information. ORIGINAL ADVISORY: IBM (JR39034): http://www.ibm.com/support/docview.wss?uid=swg24029823 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 18:48:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 03:48:08 +0200 Subject: [SEC] [SA44434] Fedora update for SimGear Message-ID: <201105040148.p441m8ZL001633@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for SimGear SECUNIA ADVISORY ID: SA44434 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44434/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44434 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44434/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44434/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44434 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for SimGear. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA36425 SOLUTION: Apply updated packages via the yum utility ("yum update SimGear"). ORIGINAL ADVISORY: FEDORA-2011-5744: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059172.html FEDORA-2011-5727: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059176.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 19:24:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 04:24:00 +0200 Subject: [SEC] [SA44430] Fedora update for thunderbird Message-ID: <201105040224.p442O0Hq025120@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for thunderbird SECUNIA ADVISORY ID: SA44430 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44430/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44430 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44430/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44430/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44430 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44407 SOLUTION: Apply updated packages via the yum utility ("yum update thunderbird") ORIGINAL ADVISORY: FEDORA-2011-6215: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059185.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 19:47:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 04:47:11 +0200 Subject: [SEC] [SA44182] MediaCast Multiple Vulnerabilities Message-ID: <201105040247.p442lB7W013961@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MediaCast Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44182 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44182/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44182 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44182/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44182/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44182 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Daniel Clemens has reported multiple vulnerabilities in MediaCast, which can be exploited by malicious people to disclose sensitive information and conduct SQL injection attacks. 1) Input passed via the "file" parameter to authenticate_ad_setup_finished.cfm (when "UserID" is set to a valid value and "ClearSession" is set to "1") is not properly verified before being used. This can be exploited to disclose previously cached Active Directory credentials via an error message. 2) Input passed via the "CP_RIGHTSOURCE" and "bdclient_Inventive" cookie values to inventivex/mangetraining is not properly sanitised before being used. This can be exploited to manipulate certain data (e.g. injecting xml). 3) Certain input passed via an unspecified parameter to authenticate_ad_setup_finished.cfm is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 4) Input passed via the "CP_ENLARGESTYLE" cookie value to inventivex/managetraining is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. NOTE: Additionally, a weakness exists due to the inventivex/isptools/release/metadata/globalIncludeFolders.txt file storing path information, which may disclose potentially sensitive information. The vulnerabilities are reported in version 8. Prior versions may also be affected. SOLUTION: Update to the latest version. Contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: Daniel Clemens, Packetninjas. ORIGINAL ADVISORY: http://www.packetninjas.net/storage/advisories/MediaCast-PWDump-FINAL.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 20:11:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 05:11:36 +0200 Subject: [SEC] [SA44435] SUSE update for kernel Message-ID: <201105040311.p443Baxl002826@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA44435 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44435/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44435 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44435/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44435/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44435 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions, disclose certain system and potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS, and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA43009 SA43358 SA43576 SA43806 SA43841 SA43846 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0416-1: http://lists.opensuse.org/opensuse-updates/2011-04/msg00083.html SUSE-SA:2011:021: http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00008.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 20:48:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 05:48:45 +0200 Subject: [SEC] [SA44428] Fedora update for firefox and xulrunner Message-ID: <201105040348.p443mjvE024732@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for firefox and xulrunner SECUNIA ADVISORY ID: SA44428 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44428/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44428 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44428/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44428/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44428 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SOLUTION: Apply updated packages via the yum utility ("yum update firefox" and "yum update xulrunner"). ORIGINAL ADVISORY: FEDORA-2011-6215: http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059187.html http://lists.fedoraproject.org/pipermail/package-announce/2011-April/059189.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 21:15:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 06:15:19 +0200 Subject: [SEC] [SA44399] Debian update for iceape Message-ID: <201105040415.p444FJ4D013726@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for iceape SECUNIA ADVISORY ID: SA44399 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44399/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44399 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44399/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44399/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44399 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for iceape. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2227-1: http://lists.debian.org/debian-security-announce/2011/msg00096.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 21:47:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 06:47:44 +0200 Subject: [SEC] [SA44421] Fedora update for mingw32-openssl Message-ID: <201105040447.p444liFL002967@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for mingw32-openssl SECUNIA ADVISORY ID: SA44421 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44421/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44421 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44421/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44421/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44421 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mingw32-openssl. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). For more information: SA43227 SOLUTION: Apply updated packages via the yum utility ("yum update mingw32-openssl"). ORIGINAL ADVISORY: FEDORA-2011-5876: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059314.html FEDORA-2011-5865: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059313.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 3 22:11:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 07:11:46 +0200 Subject: [SEC] [SA44336] Wonderware InBatch BatchField ActiveX Control Buffer Overflow Vulnerability Message-ID: <201105040511.p445Bk90024257@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Wonderware InBatch BatchField ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44336 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44336/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44336 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44336/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44336/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44336 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Wonderware InBatch, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the BatchField ActiveX control and can be exploited to cause a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in version 8.1 SP1. SOLUTION: Apply updates. Contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: US-CERT credits Jeremy Brown. ORIGINAL ADVISORY: Wonderware: http://iom.invensys.com/EN/pdfLibrary/Final.Tech.Alert.141.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 10:32:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 19:32:21 +0200 Subject: [SEC] [SA44116] SUSE update for mono Message-ID: <201105041732.p44HWLfc012978@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for mono SECUNIA ADVISORY ID: SA44116 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44116/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44116 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44116/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44116/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44116 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for mono. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information. For more information: SA41409 SA42174 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SR:2011:008: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 11:36:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 20:36:55 +0200 Subject: [SEC] [SA44408] Horde Security Bypass and Script Insertion Vulnerabilities Message-ID: <201105041836.p44IatIs003664@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Horde Security Bypass and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA44408 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44408/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44408 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44408/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44408/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44408 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and a vulnerability have been reported in Horde, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions. 1) The security issue is caused due to an error in framework/Share/lib/Horde/Share/Object/Sql.php when checking the permission of guest users accessing shared resources and can be exploited to access potentially restricted resources. 2) The vulnerability is caused due to an error in framework/Text_Filter/lib/Horde/Text/Filter/Xss.php when sanitising input, which may result in some input not being sanitised. This can be exploited to insert arbitrary HTML and script code, which will be executed when the malicious data is being viewed. The security issue and the vulnerability are reported in version 4.0.1. Prior versions may also be affected. SOLUTION: Update to version 4.0.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.horde.org/apps/horde/docs/CHANGES OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 12:33:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 21:33:39 +0200 Subject: [SEC] [SA44347] Portable OpenSSH "ssh-keysign" File Descriptor Leak Security Issue Message-ID: <201105041933.p44JXdR4026427@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Portable OpenSSH "ssh-keysign" File Descriptor Leak Security Issue SECUNIA ADVISORY ID: SA44347 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44347/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44347 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44347/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44347/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44347 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Portable OpenSSH, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused due to "ssh-keysign" leaking file descriptors when executing the "ssh-rand-helper" utility, which can be exploited to disclose private keys. Successful exploitation requires that the system does not provide a built-in source for randomness (e.g. "/dev/random"). Note: Reportedly, Mac OS X, Cygwin, Linux, and BSD-based platforms are not affected. SOLUTION: Update to Portable OpenSSH 5.8p2 or apply patch. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Tomas Mraz. ORIGINAL ADVISORY: http://www.openssh.com/txt/portable-keysign-rand-helper.adv OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 13:31:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 22:31:49 +0200 Subject: [SEC] [SA44426] Fedora update for mingw32-libtiff Message-ID: <201105042031.p44KVnU2016863@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for mingw32-libtiff SECUNIA ADVISORY ID: SA44426 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44426/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44426 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44426/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44426/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44426 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for mingw32-libtiff. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA43593 SOLUTION: Apply updated packages via the yum utility ("yum update mingw32-libtiff"). ORIGINAL ADVISORY: FEDORA-2011-5955: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059464.html FEDORA-2011-5962: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059467.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 14:27:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 23:27:58 +0200 Subject: [SEC] [SA44417] ICONICS VersionInfo ActiveX Control Buffer Overflow Vulnerability Message-ID: <201105042127.p44LRwn1007195@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ICONICS VersionInfo ActiveX Control Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44417 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44417/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44417 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44417/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44417/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44417 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ICONICS VersionInfo ActiveX control, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the "SetActiveXGUID()" method (GenVersion.dll). This can be exploited to cause a stack-based buffer overflow via an overly long string passed in the "Ax_GUID" parameter. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in GenVersion.dll version 8.0.138.0. Other versions may also be affected. SOLUTION: Update to a fixed version. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: Scott Bell and Blair Strang, Security-Assessment.com ORIGINAL ADVISORY: http://www.security-assessment.com/files/documents/advisory/ICONICS_WebHMI.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 14:54:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 4 May 2011 23:54:16 +0200 Subject: [SEC] [SA44409] WordPress Arbitrary File Upload Vulnerability Message-ID: <201105042154.p44LsGBK028566@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA44409 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44409/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44409 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44409/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44409/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44409 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: MustLive has discovered a vulnerability in WordPress, which can be exploited by malicious users to compromise a vulnerable system. The application improperly validates uploaded files, which can be exploited to execute arbitrary PHP code by uploading a .phtml file with e.g. an appended ".gif" file extension. Successful exploitation requires "Author" permissions in the backend and that Apache is not configured to handle the mime-type for media files with e.g. a ".jpg" or ".gif" extension. The vulnerability is confirmed in version 3.1.2. Other versions may also be affected. SOLUTION: Restrict access to the wp-content/uploads directory (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: MustLive ORIGINAL ADVISORY: http://websecurity.com.ua/5108/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 15:16:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 May 2011 00:16:21 +0200 Subject: [SEC] [SA44457] Proofpoint Enterprise Protection Multiple Vulnerabilities Message-ID: <201105042216.p44MGLrF017373@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Proofpoint Enterprise Protection Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44457 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44457/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44457 RELEASE DATE: 2011-05-04 DISCUSS ADVISORY: http://secunia.com/advisories/44457/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44457/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44457 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Proofpoint Enterprise Protection, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks, bypass certain security restrictions, disclose sensitive information, and compromise a vulnerable system. 1) Input passed via the "displayprogress" parameter to enduser/process.cgi is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Note: This vulnerability only affects version 5.5.5. 2) The web interface does not verify credentials before allowing access to the mail filter interface, which can be exploited to gain access to a user's mail filter interface. 3) Certain unspecified input is not properly verified before being used to access files. This can be exploited to access arbitrary files via directory traversal attacks. 4) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 5) An error in the application allows access to certain administrative modules without checking for authentication. 6) Certain unspecified input is not properly sanitised before being used and can be exploited to inject and execute arbitrary commands. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1) Karan Khosla, Sense of Security Labs. 2 - 6) Scott Miles, Clear Skies Security via US-CERT. ORIGINAL ADVISORY: Proofpoint: https://support.proofpoint.com/article.cgi?article_id=338413 Sense of Security Labs: http://www.senseofsecurity.com.au/advisories/SOS-11-005 US-CERT VU#790980: http://www.kb.cert.org/vuls/id/790980 Clear Skies Security: http://www.clearskies.net/documents/css-advisory-css1105-proofpoint.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 15:49:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 May 2011 00:49:07 +0200 Subject: [SEC] [SA44452] Asterisk SIP INVITE Response User Enumeration Weakness Message-ID: <201105042249.p44Mn754006643@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Asterisk SIP INVITE Response User Enumeration Weakness SECUNIA ADVISORY ID: SA44452 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44452/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44452 RELEASE DATE: 2011-05-05 DISCUSS ADVISORY: http://secunia.com/advisories/44452/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44452/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44452 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been discovered in Asterisk, which can be exploited by malicious people to determine valid usernames. The problem is that different responses are being sent when using a valid or an invalid username in INVITE messages. This can be exploited to determine valid usernames by sending specially crafted INVITE messages. The weakness is confirmed in version 1.8.3.3. Other versions may also be affected. SOLUTION: There's currently no known effective workaround. PROVIDED AND/OR DISCOVERED BY: Francesco Tornieri ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/101011/asterisk-1.8.x-sip-username-enumeration.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 4 16:15:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 May 2011 01:15:30 +0200 Subject: [SEC] [SA44400] Ubuntu update for perl Message-ID: <201105042315.p44NFU7B028019@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for perl SECUNIA ADVISORY ID: SA44400 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44400/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44400 RELEASE DATE: 2011-05-05 DISCUSS ADVISORY: http://secunia.com/advisories/44400/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44400/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44400 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for perl. This fixes a vulnerability and some security issues, which can be exploited by malicious people to bypass certain security restrictions and conduct HTTP response splitting attacks. For more information: SA40049 SA42443 SA42461 SA43921 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1129-1: http://www.ubuntu.com/usn/usn-1129-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 5 10:41:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 May 2011 19:41:23 +0200 Subject: [SEC] [SA44092] Directory Listing Script Cross-Site Scripting Vulnerability Message-ID: <201105051741.p45HfNvF001216@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Directory Listing Script Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44092 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44092/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44092 RELEASE DATE: 2011-05-05 DISCUSS ADVISORY: http://secunia.com/advisories/44092/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44092/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44092 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in Directory Listing Script, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the URL to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB22968: http://www.htbridge.ch/advisory/xss_in_php_directory_listing_script.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 5 11:41:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 May 2011 20:41:39 +0200 Subject: [SEC] [SA44422] Ubuntu update for thunderbird Message-ID: <201105051841.p45IfdoQ024182@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for thunderbird SECUNIA ADVISORY ID: SA44422 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44422/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44422 RELEASE DATE: 2011-05-05 DISCUSS ADVISORY: http://secunia.com/advisories/44422/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44422/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44422 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SA44407 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1122-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-May/001325.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 5 12:35:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 May 2011 21:35:45 +0200 Subject: [SEC] [SA44432] Drupal Menu Access Module Menu Description Script Insertion Vulnerability Message-ID: <201105051935.p45JZjxn014433@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Menu Access Module Menu Description Script Insertion Vulnerability SECUNIA ADVISORY ID: SA44432 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44432/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44432 RELEASE DATE: 2011-05-05 DISCUSS ADVISORY: http://secunia.com/advisories/44432/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44432/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44432 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Menu Access module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain unspecified input related to the formatting of menu descriptions is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires "administer menu" permissions. The vulnerability is reported in versions prior to 6.x-1.9. SOLUTION: Update to version 6.x-1.9. PROVIDED AND/OR DISCOVERED BY: The vendor credits Kyle Small. ORIGINAL ADVISORY: SA-CONTRIB-2011-019: http://drupal.org/node/1147194 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 5 13:36:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 May 2011 22:36:47 +0200 Subject: [SEC] [SA44431] SPlayer HTTP Response Processing Buffer Overflow Vulnerability Message-ID: <201105052036.p45KalOi004946@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SPlayer HTTP Response Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44431 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44431/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44431 RELEASE DATE: 2011-05-05 DISCUSS ADVISORY: http://secunia.com/advisories/44431/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44431/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44431 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SPlayer, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing the "Content-Type" header of a HTTP response. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into connecting to a malicious web server. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 3.7.0.2055. Other versions may also be affected. SOLUTION: Do not open playlist files or URLs from untrusted sources. PROVIDED AND/OR DISCOVERED BY: xsploitedsec ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17243/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 5 14:35:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 5 May 2011 23:35:46 +0200 Subject: [SEC] [SA44418] SUSE rubygem-sqlite3 Privilege Escalation Vulnerability Message-ID: <201105052135.p45LZkvm027815@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE rubygem-sqlite3 Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA44418 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44418/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44418 RELEASE DATE: 2011-05-05 DISCUSS ADVISORY: http://secunia.com/advisories/44418/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44418/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44418 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has acknowledged a vulnerability in the rubygem-sqlite3 package for SUSE Linux Enterprise Server (SLES) 11, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to certain files within the rubygem-sqlite3 package being world-writable. This can be exploited to inject arbitrary code, which will be executed with the permissions of the application using the library. SOLUTION: Apply updated packages via the zypper package manager. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: SUSE-SR:2011:008: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 5 15:13:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 May 2011 00:13:56 +0200 Subject: [SEC] [SA44425] IceWarp Server Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201105052213.p45MDuVF017364@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: IceWarp Server Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44425 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44425/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44425 RELEASE DATE: 2011-05-05 DISCUSS ADVISORY: http://secunia.com/advisories/44425/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44425/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44425 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in IceWarp Server, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "_n[p][main]", "_n[w]", "eid", and "_s[action]" parameters to webmail/index.html and the "lang" parameter to install/index.html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions 10.2.x. SOLUTION: Update to version 10.3.0 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits Deniz Cevik, Biznet. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 5 15:53:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 May 2011 00:53:17 +0200 Subject: [SEC] [SA44423] Red Hat update for xmlsec1 Message-ID: <201105052253.p45MrHPv006927@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for xmlsec1 SECUNIA ADVISORY ID: SA44423 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44423/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44423 RELEASE DATE: 2011-05-06 DISCUSS ADVISORY: http://secunia.com/advisories/44423/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44423/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44423 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for xmlsec1. This fixes a vulnerability, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA43920 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0486-1: https://rhn.redhat.com/errata/RHSA-2011-0486.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 10:34:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 May 2011 19:34:38 +0200 Subject: [SEC] [SA44427] WordPress WP-DBManager Plugin Two Vulnerabilities Message-ID: <201105061734.p46HYcI8013274@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: WordPress WP-DBManager Plugin Two Vulnerabilities SECUNIA ADVISORY ID: SA44427 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44427/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44427 RELEASE DATE: 2011-05-06 DISCUSS ADVISORY: http://secunia.com/advisories/44427/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44427/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44427 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the WP-DBManager plugin for WordPress, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose sensitive information. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. inject and execute arbitrary shell commands if a logged-in administrative user visits a malicious web site. 2) Input passed via the "database_file" parameter to wp-admin/admin.php (when "page" is set to "wp-dbmanager/database-manage.php" and "do" is set to "Download") is not properly verified before being used to download files. This can be exploited to download arbitrary files from local resources via directory traversal sequences. NOTE: This vulnerability only affects versions prior to 2.61. SOLUTION: Update to version 2.62. PROVIDED AND/OR DISCOVERED BY: The vendor credits Joakim Jardenberg, Jonas Nordstrom, and Andreas Viklund. ORIGINAL ADVISORY: lesterchan: http://lesterchan.net/wordpress/2011/05/01/wp-dbmanager-2-61/ http://lesterchan.net/wordpress/2011/05/03/wp-dbmanager-2-62/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 11:32:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 May 2011 20:32:47 +0200 Subject: [SEC] [SA44473] SUSE update for rsync Message-ID: <201105061832.p46IWlRv003655@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for rsync SECUNIA ADVISORY ID: SA44473 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44473/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44473 RELEASE DATE: 2011-05-06 DISCUSS ADVISORY: http://secunia.com/advisories/44473/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44473/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44473 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for rsync. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA44071 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0441-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00007.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 12:35:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 May 2011 21:35:35 +0200 Subject: [SEC] [SA44392] NetBSD GLOB_LIMIT Resource Exhaustion Denial of Service Message-ID: <201105061935.p46JZZab026709@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: NetBSD GLOB_LIMIT Resource Exhaustion Denial of Service SECUNIA ADVISORY ID: SA44392 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44392/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44392 RELEASE DATE: 2011-05-06 DISCUSS ADVISORY: http://secunia.com/advisories/44392/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44392/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44392 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in NetBSD, which can be exploited by malicious users to cause a DoS (Denial of Service). The weakness is caused due to an insufficient GLOB_LIMIT implementation, which can be exploited to exhaust memory or cause a high CPU load via specially crafted patterns in commands passed to e.g. the ftpd or sftp server processes. SOLUTION: Fixed in the CVS repository. PROVIDED AND/OR DISCOVERED BY: Maksymilian Arciemowicz ORIGINAL ADVISORY: http://securityreason.com/achievement_securityalert/97 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 13:36:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 May 2011 22:36:34 +0200 Subject: [SEC] [SA44450] SUSE update for MozillaFirefox and mozilla-xulrunner Message-ID: <201105062036.p46KaYIS017257@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox and mozilla-xulrunner SECUNIA ADVISORY ID: SA44450 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44450/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44450 RELEASE DATE: 2011-05-06 DISCUSS ADVISORY: http://secunia.com/advisories/44450/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44450/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44450 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox and mozilla-xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SA:2011:022: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 14:25:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 May 2011 23:25:43 +0200 Subject: [SEC] [SA44467] Exim "dkim_exim_verify_finish()" Format String Vulnerability Message-ID: <201105062125.p46LPhAB007273@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Exim "dkim_exim_verify_finish()" Format String Vulnerability SECUNIA ADVISORY ID: SA44467 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44467/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44467 RELEASE DATE: 2011-05-06 DISCUSS ADVISORY: http://secunia.com/advisories/44467/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44467/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44467 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Exim, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a format string error within the "dkim_exim_verify_finish()" function in src/dkim.c when handling DKIM signatures containing format string specifiers, which can be exploited to e.g. cause a crash or memory corruption by sending emails with a specially crafted "DKIM-Signature:" header. The vulnerability is confirmed in version 4.75. Other versions may also be affected. SOLUTION: Fixed in version 4.76 RC1. PROVIDED AND/OR DISCOVERED BY: John Levine ORIGINAL ADVISORY: http://bugs.exim.org/show_bug.cgi?id=1106 https://lists.exim.org/lurker/message/20110506.112357.e99a8db1.en.html https://lists.exim.org/lurker/thread/20110505.110843.508a1c46.en.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 14:47:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 6 May 2011 23:47:03 +0200 Subject: [SEC] [SA44454] VMware vCenter Server / VirtualCenter Information Disclosure and Directory Traversal Message-ID: <201105062147.p46Ll3bA028416@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: VMware vCenter Server / VirtualCenter Information Disclosure and Directory Traversal SECUNIA ADVISORY ID: SA44454 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44454/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44454 RELEASE DATE: 2011-05-06 DISCUSS ADVISORY: http://secunia.com/advisories/44454/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44454/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44454 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and a vulnerability have been reported in VMware vCenter Server and VirtualCenter, which can be exploited by malicious, local users and malicious people to disclose sensitive information. 1) A security issue exists due to a certain log file insecurely storing a SOAP session ID and can be exploited to disclose the ID of an administrative user. This vulnerability does not affect VirtualCenter running on Windows. 2) An input validation error within an unspecified component can be exploited to disclose arbitrary files via directory traversal attacks. This vulnerability does not affect installations running on Windows 2008 or Windows 2008 R2. Please see the vendor's advisory for a list of affected products. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Claudio Criscione. 2) Reported by the vendor. ORIGINAL ADVISORY: http://www.vmware.com/security/advisories/VMSA-2011-0008.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 15:12:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 00:12:12 +0200 Subject: [SEC] [SA43739] MuPDF Firefox Plugin Buffer Overflow Vulnerability Message-ID: <201105062212.p46MCCZp017371@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: MuPDF Firefox Plugin Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA43739 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43739/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43739 RELEASE DATE: 2011-05-06 DISCUSS ADVISORY: http://secunia.com/advisories/43739/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43739/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43739 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered a vulnerability in the MuPDF plugin for Firefox, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "pdfmoz_onmouse()" function in apps/mozilla/moz_main.c and can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into visiting a specially crafted website. Successful exploitation allows execution of arbitrary code. The vulnerability is confirmed in version 2008.09.02. Other versions may also be affected. SOLUTION: Use another product. PROVIDED AND/OR DISCOVERED BY: Stefan Cornelius, Secunia Research. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2011-38/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 15:46:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 00:46:55 +0200 Subject: [SEC] [SA44461] Red Hat update for python Message-ID: <201105062246.p46MktKH006738@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for python SECUNIA ADVISORY ID: SA44461 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44461/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44461 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44461/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44461/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44461 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for python. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA36433 SA39937 SA40148 SA41968 SA43463 SA43831 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0491-1: https://rhn.redhat.com/errata/RHSA-2011-0491.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 16:12:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 01:12:04 +0200 Subject: [SEC] [SA44472] SUSE update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey Message-ID: <201105062312.p46NC4Oc028071@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey SECUNIA ADVISORY ID: SA44472 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44472/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44472 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44472/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44472/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44472 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SA44406 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0437-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00005.html SUSE-SA:2011:022: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 16:46:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 01:46:48 +0200 Subject: [SEC] [SA44455] SUSE update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey Message-ID: <201105062346.p46Nkmsi017447@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey SECUNIA ADVISORY ID: SA44455 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44455/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44455 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44455/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44455/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44455 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox, MozillaThunderbird, mozilla-xulrunner, and seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0437-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00005.html SUSE-SA:2011:022: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 17:17:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 02:17:49 +0200 Subject: [SEC] [SA44451] Ubuntu update for kernel Message-ID: <201105070017.p470Hnk2006651@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA44451 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44451/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44451 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44451/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44451/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44451 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for kernel. This fixes some security issues and vulnerabilities, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS (Denial of Service). For more information: SA42094 SA42354 SA43009 SA43693 SA43716 SA43946 SA44267 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1111-1: http://www.ubuntu.com/usn/usn-1111-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 17:48:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 02:48:20 +0200 Subject: [SEC] [SA44464] Red Hat update for java-1.4.2-ibm Message-ID: <201105070048.p470mK7O028213@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.4.2-ibm SECUNIA ADVISORY ID: SA44464 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44464/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44464 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44464/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44464/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44464 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.4.2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA43295 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0490-1: https://rhn.redhat.com/errata/RHSA-2011-0490.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 18:11:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 03:11:40 +0200 Subject: [SEC] [SA44474] Red Hat update for python Message-ID: <201105070111.p471BeXZ017068@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for python SECUNIA ADVISORY ID: SA44474 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44474/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44474 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44474/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44474/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44474 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for python. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). For more information: SA36433 SA41968 SA43463 SA43831 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0492-1: https://rhn.redhat.com/errata/RHSA-2011-0492.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 18:46:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 03:46:38 +0200 Subject: [SEC] [SA44416] BIND Response Policy Zones RRSIG Query Assertion Failure Denial of Service Message-ID: <201105070146.p471kcsp006445@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: BIND Response Policy Zones RRSIG Query Assertion Failure Denial of Service SECUNIA ADVISORY ID: SA44416 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44416/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44416 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44416/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44416/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44416 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an assertion failure when processing RRSIG queries if the Response Policy Zones (RPZ) mechanism is used for RRset replacement, which can be exploited to terminate the server via RRSIG queries. The vulnerability is reported in version 9.8.0. SOLUTION: Update to version 9.8.0-P1 or higher. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Mitsuru Shimamura, Internet Initiative Japan. ORIGINAL ADVISORY: https://www.isc.org/CVE-2011-1907 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 19:17:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 04:17:33 +0200 Subject: [SEC] [SA44429] aXes Terminal Server "login" Cross-Site Scripting Vulnerability Message-ID: <201105070217.p472HXSf028500@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: aXes Terminal Server "login" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44429 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44429/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44429 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44429/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44429/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44429 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Patrick Webster has reported a vulnerability in aXes Terminal Server, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "login" parameter in axests/terminal is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version V1R3M5 / VRM130.000 (135001). Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Patrick Webster, OSI Security. ORIGINAL ADVISORY: http://www.osisecurity.com.au/advisories/lansa-axes-web-terminal-tn5250-cross-site-scripting OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 19:46:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 04:46:36 +0200 Subject: [SEC] [SA44470] Fedora update for widelands Message-ID: <201105070246.p472ka7m017605@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for widelands SECUNIA ADVISORY ID: SA44470 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44470/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44470 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44470/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44470/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44470 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for widelands. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application not properly verifying saved game or map file names provided by the server, which can be exploited overwrite arbitrary files via directory traversal attacks by tricking a user into connecting to a malicious game server. SOLUTION: Apply updated packages via the yum utility ("yum update widelands"). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: FEDORA-2011-6110: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059611.html FEDORA-2011-6124: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059632.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 6 20:11:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 7 May 2011 05:11:48 +0200 Subject: [SEC] [SA44471] Fedora update for sssd Message-ID: <201105070311.p473BmC1006550@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for sssd SECUNIA ADVISORY ID: SA44471 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44471/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44471 RELEASE DATE: 2011-05-07 DISCUSS ADVISORY: http://secunia.com/advisories/44471/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44471/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44471 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for sssd. This fixes a security issue, which can be exploited by malicious people to hijack another user's account. For more information: SA44387 SOLUTION: Apply updated packages via the yum utility ("yum update sssd"). ORIGINAL ADVISORY: FEDORA-2011-5815: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059619.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 10:31:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 May 2011 19:31:07 +0200 Subject: [SEC] [SA44494] GetSimple CMS "set" Local File Inclusion Vulnerability Message-ID: <201105091731.p49HV7YL032216@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: GetSimple CMS "set" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA44494 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44494/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44494 RELEASE DATE: 2011-05-09 DISCUSS ADVISORY: http://secunia.com/advisories/44494/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44494/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44494 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in GetSimple CMS, which can be exploited by malicious people to disclose sensitive information. Input passed via the "set" parameter to index.php is not properly verified before being used in admin/inc/plugin_functions.php. This can be exploited to include arbitrary files from local resources via directory traversal sequences. The vulnerability is confirmed in version 3.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/GetSimple-3.0-Local-File-Inclusion-202 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 11:33:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 May 2011 20:33:24 +0200 Subject: [SEC] [SA44497] Ampache "username" Cross-Site Scripting Vulnerability Message-ID: <201105091833.p49IXOg0022785@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ampache "username" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44497 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44497/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44497 RELEASE DATE: 2011-05-09 DISCUSS ADVISORY: http://secunia.com/advisories/44497/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44497/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44497 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Ampache, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "username" parameter in login.php is not properly sanitised before being returned to the user in templates/show_login_form.inc.php. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.5.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/Ampache-3.5.4-Reflected-Cross-site-Scripting-199 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 12:31:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 May 2011 21:31:10 +0200 Subject: [SEC] [SA44492] Serva HTTP Request Processing Denial of Service Vulnerability Message-ID: <201105091931.p49JVAgb013184@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Serva HTTP Request Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44492 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44492/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44492 RELEASE DATE: 2011-05-09 DISCUSS ADVISORY: http://secunia.com/advisories/44492/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44492/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44492 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Serva, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing HTTP web requests and can be exploited to crash the process via a request containing an overly long string. The vulnerability is confirmed in version 1.2.0. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/Serva32-1.2.00-RC1-Denial-Of-Service-207 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 13:31:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 May 2011 22:31:42 +0200 Subject: [SEC] [SA44516] Samsung Data Management Server SQL Injection Vulnerability Message-ID: <201105092031.p49KVghW003663@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Samsung Data Management Server SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44516 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44516/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44516 RELEASE DATE: 2011-05-09 DISCUSS ADVISORY: http://secunia.com/advisories/44516/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44516/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44516 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Samsung Data Management Server, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation may allow bypassing the authentication mechanism. The vulnerability is reported in versions 1.3.3, 1.4.1, and 1.4.2. Other versions may also be affected. SOLUTION: Update to version 1.4.3. PROVIDED AND/OR DISCOVERED BY: Jose A. Guasch, SecurityByDefault. ORIGINAL ADVISORY: Samsung: http://www.dvmcare.com/SRM/dms/download.html ICS-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-11-069-01.pdf SecurityByDefault: http://www.securitybydefault.com/2011/05/una-inyeccion-sql-que-te-dejara-helado.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 14:25:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 May 2011 23:25:09 +0200 Subject: [SEC] [SA44485] FestOS Arbitrary File Upload Vulnerability Message-ID: <201105092125.p49LP9ZA026268@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: FestOS Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA44485 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44485/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44485 RELEASE DATE: 2011-05-09 DISCUSS ADVISORY: http://secunia.com/advisories/44485/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44485/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44485 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in FestOS, which can be exploited by malicious people to compromise a vulnerable system. The admin/includes/tiny_mce/plugins/tinybrowser/upload.php script improperly validates uploaded files, which can be exploited to execute arbitrary PHP code by uploading e.g. a PHP file with an appended ".gif" file extension. Successful exploitation requires that Apache is not configured to handle the mime-type for media files with e.g. a ".jpg" or ".gif" extension. The vulnerability is confirmed in version 2.3c. Other versions may also be affected. SOLUTION: Restrict access to the cache/images directory (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: KedAns-Dz OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 14:46:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 9 May 2011 23:46:03 +0200 Subject: [SEC] [SA44478] Debian update for exim4 Message-ID: <201105092146.p49Lk3DJ014990@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for exim4 SECUNIA ADVISORY ID: SA44478 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44478/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44478 RELEASE DATE: 2011-05-09 DISCUSS ADVISORY: http://secunia.com/advisories/44478/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44478/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44478 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for exim4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA44467 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2232-1: http://lists.debian.org/debian-security-announce/2011/msg00101.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 15:11:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 00:11:30 +0200 Subject: [SEC] [SA44530] SUSE update for libzip Message-ID: <201105092211.p49MBUp0003903@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for libzip SECUNIA ADVISORY ID: SA44530 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44530/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44530 RELEASE DATE: 2011-05-09 DISCUSS ADVISORY: http://secunia.com/advisories/44530/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44530/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44530 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libzip. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43621 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0449-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00011.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 15:46:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 00:46:34 +0200 Subject: [SEC] [SA44528] Fedora update for firefox, thunderbird, and xulrunner Message-ID: <201105092246.p49MkYCx025665@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for firefox, thunderbird, and xulrunner SECUNIA ADVISORY ID: SA44528 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44528/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44528 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44528/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44528/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44528 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for firefox, thunderbird, and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SA44406 SOLUTION: Apply updated packages via the yum utility ("yum update firefox thunderbird xulrunner"). ORIGINAL ADVISORY: FEDORA-2011-6205: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059704.html http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059709.html http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059710.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 16:11:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 01:11:37 +0200 Subject: [SEC] [SA44479] Debian update for otrs2 Message-ID: <201105092311.p49NBb9n014588@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for otrs2 SECUNIA ADVISORY ID: SA44479 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44479/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44479 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44479/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44479/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44479 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for otrs2. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA44029 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2231-1: http://lists.debian.org/debian-security-announce/2011/msg00100.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 16:46:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 01:46:07 +0200 Subject: [SEC] [SA44484] DORG Cross-Site Request Forgery Vulnerability Message-ID: <201105092346.p49Nk7mP003903@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: DORG Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44484 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44484/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44484 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44484/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44484/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44484 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: KnockOut has discovered a vulnerability in DORG, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site. The vulnerability is confirmed in version 1.1.0. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: KnockOut OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 17:14:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 02:14:35 +0200 Subject: [SEC] [SA44529] Fedora update for asterisk Message-ID: <201105100014.p4A0EZb2025373@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for asterisk SECUNIA ADVISORY ID: SA44529 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44529/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44529 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44529/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44529/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44529 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for asterisk. This fixes two vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service). For more information: SA44197 SOLUTION: Apply updated packages via the yum utility ("yum update asterisk"). ORIGINAL ADVISORY: FEDORA-2011-6208: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059702.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 17:46:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 02:46:36 +0200 Subject: [SEC] [SA44522] Skype for Mac Message Processing Code Execution Vulnerability Message-ID: <201105100046.p4A0kaOV014601@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Skype for Mac Message Processing Code Execution Vulnerability SECUNIA ADVISORY ID: SA44522 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44522/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44522 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44522/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44522/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44522 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Skype for Mac, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an unspecified error when processing messages from a contact. No further information is currently available. Successful exploitation may allow execution of arbitrary code but requires that a contact is already added to the victim's Contact List. SOLUTION: Update to version 5.1.0.922. PROVIDED AND/OR DISCOVERED BY: Gordon Maddern, Pure Hacking. ORIGINAL ADVISORY: Skype: http://blogs.skype.com/security/2011/05/security_vulnerability_in_mac.html Pure Hacking: http://www.purehacking.com/blogs/gordon-maddern/skype-0day-vulnerabilitiy-discovered-by-pure-hacking OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 18:12:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 03:12:04 +0200 Subject: [SEC] [SA44495] TCExam Two SQL Injection Vulnerabilities Message-ID: <201105100112.p4A1C4NR003507@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: TCExam Two SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA44495 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44495/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44495 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44495/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44495/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44495 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered two vulnerabilities in TCExam, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "startdate" and "enddate" parameters to admin/code/tce_xml_user_results.php (when "user_id" is set to a valid value) is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 11.1.029 and confirmed in version 11.1.016. Other versions may also be affected. SOLUTION: Update to version 11.1.031. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/TCExam-11.1.029-SQL-Injection-201 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 9 18:47:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 03:47:12 +0200 Subject: [SEC] [SA44476] TCExam "order_field" SQL Injection Vulnerability Message-ID: <201105100147.p4A1lCDe025288@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: TCExam "order_field" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44476 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44476/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44476 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44476/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44476/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44476 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in TCExam, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "order_field" parameter to admin/code/tce_xml_user_results.php (when "user_id" is set to a valid value) is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 11.1.031. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/TCExam-11.1.029-SQL-Injection-201 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 10:31:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 19:31:48 +0200 Subject: [SEC] [SA44498] Red Hat update for xen Message-ID: <201105101731.p4AHVmWG023620@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for xen SECUNIA ADVISORY ID: SA44498 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44498/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44498 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44498/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44498/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44498 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for xen. This fixes some vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA44502 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 11:31:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 20:31:20 +0200 Subject: [SEC] [SA44533] OpenVMS update for SSL Message-ID: <201105101831.p4AIVK9j014079@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenVMS update for SSL SECUNIA ADVISORY ID: SA44533 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44533/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44533 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44533/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44533/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44533 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for SSL in OpenVMS. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise an application using the library. For more information: SA42243 SA42473 SA43227 The vulnerabilities are reported in HP SSL version 1.4 and earlier. SOLUTION: Update to HP SSL version 1.4-453 for OpenVMS Alpha and OpenVMS Integrity servers: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: HPSBOV02670 SSRT100475: https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02824483 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 12:31:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 21:31:24 +0200 Subject: [SEC] [SA44532] OpenVMS update for Secure Web Server Message-ID: <201105101931.p4AJVOxi004555@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenVMS update for Secure Web Server SECUNIA ADVISORY ID: SA44532 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44532/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44532 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44532/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44532/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44532 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for Secure Web Server in OpenVMS. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to conduct cross-site scripting attacks, manipulate certain data, cause a DoS (Denial of Service), bypass certain security restrictions, and compromise a vulnerable system. For more information: SA10096 SA11841 SA16502 SA18008 SA18307 SA21172 SA21197 SA21709 SA22130 SA28081 SA35781 SA36675 SA36791 SA37291 SA38319 The vulnerabilities are reported in HP Secure Web Server (SWS) version 2.1-1 and earlier, based on Apache. SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: HPSBOV02683 SSRT090208: https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02824490 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 13:31:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 22:31:05 +0200 Subject: [SEC] [SA44538] Microsoft Windows WINS Service Failed Response Data Reuse Vulnerability Message-ID: <201105102031.p4AKV55K027425@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft Windows WINS Service Failed Response Data Reuse Vulnerability SECUNIA ADVISORY ID: SA44538 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44538/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44538 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44538/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44538/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44538 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the Windows Internet Name Service (WINS) reusing certain data structures containing attacker controlled values when handling a socket send exception. This can be exploited to access or manipulate certain memory via a specially crafted replication packet. Successful exploitation may allow execution of arbitrary code, but requires the WINS service to be enabled (disabled by default). SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Luigi Auriemma via ZDI. ORIGINAL ADVISORY: MS11-035 (KB2524426): http://www.microsoft.com/technet/security/bulletin/MS11-035.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 14:25:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 23:25:14 +0200 Subject: [SEC] [SA44539] Microsoft Office for Mac Presentation File Parsing Memory Corruption Vulnerability Message-ID: <201105102125.p4ALPEJC017634@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft Office for Mac Presentation File Parsing Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA44539 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44539/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44539 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44539/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44539/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44539 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Office for Mac, which can be exploited by malicious people to compromise a user's system. For more information see vulnerability #1 in: SA44537 SOLUTION: Security updates are currently unavailable. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-036 (KB2545814): http://www.microsoft.com/technet/security/Bulletin/MS11-036.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 14:45:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 10 May 2011 23:45:53 +0200 Subject: [SEC] [SA44537] Microsoft Office PowerPoint Two Vulnerabilities Message-ID: <201105102145.p4ALjrJd006348@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Microsoft Office PowerPoint Two Vulnerabilities SECUNIA ADVISORY ID: SA44537 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44537/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44537 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44537/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44537/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44537 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Office PowerPoint, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error when making certain function calls can be exploited to corrupt memory. No further information is currently available. 2) An unspecified error when parsing PowerPoint files can be exploited to corrupt memory. No further information is currently available. Successful exploitation of the vulnerabilities allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-036 (KB2545814, KB2535802, KB2535812, KB2535818, KB2540162): http://www.microsoft.com/technet/security/Bulletin/MS11-036.mspx OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 15:11:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 00:11:13 +0200 Subject: [SEC] [SA44534] OpenVMS update for Kerberos Message-ID: <201105102211.p4AMBDhc027669@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenVMS update for Kerberos SECUNIA ADVISORY ID: SA44534 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44534/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44534 RELEASE DATE: 2011-05-10 DISCUSS ADVISORY: http://secunia.com/advisories/44534/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44534/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44534 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for Kerberos in OpenVMS. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, conduct spoofing attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA29428 SA34347 SA38080 SA42396 The vulnerabilities are reported in Kerberos for OpenVMS version 3.1 and earlier. SOLUTION: Update to Kerberos version 3.2 for OpenVMS Alpha and OpenVMS Integrity servers. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: HPSBOV02682 SSRT100495: https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02824440 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 15:46:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 00:46:04 +0200 Subject: [SEC] [SA44535] HP Tru64 UNIX and OpenVMS update for Java Message-ID: <201105102246.p4AMk4C3017019@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP Tru64 UNIX and OpenVMS update for Java SECUNIA ADVISORY ID: SA44535 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44535/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44535 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44535/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44535/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44535 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for Java in HP Tru64 UNIX and OpenVMS. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1: SA43262 Please see the vendor's advisories for a list of affected versions. SOLUTION: Update Java Development Kit (JDK) and/or the Java Runtime Environment (JRE) via the FPUpdater tool. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: HPSBTU02684 SSRT100390: https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02826781 HPSBOV02634 SSRT100390: https://www.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02822093 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 16:11:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 01:11:55 +0200 Subject: [SEC] [SA44503] Fedora update for kernel Message-ID: <201105102311.p4ANBthG005981@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA44503 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44503/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44503 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44503/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44503/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44503 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes multiple vulnerabilities which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA43009 SA43537 SA44248 SOLUTION: Apply updated packages via the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2011-6541: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059860.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 16:46:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 01:46:11 +0200 Subject: [SEC] [SA44500] Postfix SMTP SASL Authentication Context Data Reuse Vulnerability Message-ID: <201105102346.p4ANkBME027705@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Postfix SMTP SASL Authentication Context Data Reuse Vulnerability SECUNIA ADVISORY ID: SA44500 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44500/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44500 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44500/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44500/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44500 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Postfix, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to the Cyrus SASL library in the SMTP server not releasing session context data structures when processing certain authentication methods (e.g. CRAM-MD5 or DIGEST-MD5). This can be exploited to access or manipulate context dependent memory by aborting an authentication session and starting a new one. Successful exploitation requires that Cyrus SASL authentication is enabled (e.g. "smtpd_sasl_auth_enable = yes") and supports methods other than PLAIN or LOGIN. NOTE: Successful exploitation for arbitrary code execution has not been proven, but cannot be ruled out based on current vulnerability details. This section will be updated when more information becomes available. The vulnerability is reported in versions prior to 2.5.13, 2.6.10, 2.7.4, and 2.8.3. SOLUTION: Update to version 2.5.13, 2.6.10, 2.7.4, or 2.8.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Thomas Jarosch, Intra2net AG. ORIGINAL ADVISORY: http://www.postfix.org/CVE-2011-1720.html http://thread.gmane.org/gmane.mail.postfix.announce/127 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 17:14:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 02:14:20 +0200 Subject: [SEC] [SA44501] Apache Struts XWork "" Error Pages Cross-Site Scripting Vulnerability Message-ID: <201105110014.p4B0EKaf016751@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache Struts XWork "" Error Pages Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44501 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44501/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44501 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44501/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44501/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44501 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache Struts, which can be exploited by malicious people to conduct cross-site scripting attacks. Action or method names passed via the "" tag using bash syntax are not properly sanitised by XWork before being used to generate error pages when the actions or methods are not defined. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that Dynamic Method Invocation is enabled (enabled by default). The vulnerability is reported in versions 2.0.0 through 2.2.1.1. SOLUTION: Update to version 2.2.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Dr. Marian Ventuneac, Genworth. ORIGINAL ADVISORY: http://struts.apache.org/2.x/docs/s2-006.html https://issues.apache.org/jira/browse/WW-3579 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 17:46:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 02:46:48 +0200 Subject: [SEC] [SA44536] Kay Framework Attribute Exchange Signatures Security Issue Message-ID: <201105110046.p4B0kmCh005998@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Kay Framework Attribute Exchange Signatures Security Issue SECUNIA ADVISORY ID: SA44536 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44536/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44536 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44536/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44536/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44536 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Kay Framework, which can be exploited by malicious people to manipulate certain data. The security issue is caused due to the library not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information. The security issue is reported in versions prior to 1.0.2 and 1.1.1. SOLUTION: Update to version 1.0.2 or 1.1.1. PROVIDED AND/OR DISCOVERED BY: The OpenID Foundation credits Rui Wang, Shuo Chen, and XiaoFeng Wang. ORIGINAL ADVISORY: http://openid.net/2011/05/05/attribute-exchange-security-alert/ http://code.google.com/p/kay-framework/downloads/detail?name=kay-1.0.2.zip http://code.google.com/p/kay-framework/downloads/detail?name=kay-1.1.1.zip OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 18:11:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 03:11:32 +0200 Subject: [SEC] [SA44502] Xen PV Kernel Decompression Multiple Vulnerabilities Message-ID: <201105110111.p4B1BWQs027298@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Xen PV Kernel Decompression Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44502 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44502/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44502 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44502/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44502/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44502 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Xen, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. 1) An integer overflow error within the decompression of paravirtualised guests can be exploited to cause a buffer overflow and potentially execute arbitrary code. Note: This only affects management domains with 32bit userland. 2) Integer overflow errors within the decompression of paravirtualised guests can be exploited to disclose potentially sensitive information. 3) An error within the decompression of paravirtualised guests can be exploited to cause an infinite loop. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00483.html http://lists.xensource.com/archives/html/xen-devel/2011-05/msg00491.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 18:47:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 03:47:50 +0200 Subject: [SEC] [SA44489] ZAPms "nick" SQL Injection Vulnerability Message-ID: <201105110147.p4B1lo3w016711@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ZAPms "nick" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44489 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44489/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44489 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44489/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44489/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44489 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ZAPms, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "nick" parameter to zap/index.php is not properly sanitised in zap/modules/users/Users.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows bypassing the authentication mechanism. The vulnerability is confirmed in version 1.22. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: KedAns-Dz OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 19:20:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 04:20:33 +0200 Subject: [SEC] [SA44496] OpenID4Java Attribute Exchange Signatures Security Issue Message-ID: <201105110220.p4B2KXKi006414@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: OpenID4Java Attribute Exchange Signatures Security Issue SECUNIA ADVISORY ID: SA44496 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44496/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44496 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44496/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44496/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44496 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in OpenID4Java, which can be exploited by malicious people to manipulate certain data. The security issue is caused due to the library not properly verifying the signature of Attribute Exchange (AX) information, which can be exploited to manipulate AX information. The security issue is reported in versions prior to 0.9.6.662. SOLUTION: Update to version 0.9.6.662. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The OpenID Foundation credits Rui Wang, Shuo Chen, and XiaoFeng Wang. ORIGINAL ADVISORY: http://openid.net/2011/05/05/attribute-exchange-security-alert/ http://code.google.com/p/openid4java/source/browse/trunk/CHANGELOG?spec=svn662&r=662 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 19:47:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 04:47:19 +0200 Subject: [SEC] [SA44468] Sybase M-Business Anywhere Multiple Buffer Overflow Vulnerabilities Message-ID: <201105110247.p4B2lJjR027793@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Sybase M-Business Anywhere Multiple Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA44468 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44468/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44468 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44468/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44468/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44468 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Sybase M-Business Anywhere, which can be exploited by malicious people to compromise a vulnerable system. 1) An error within the gsoap module when handling the "password" closing tag in a SOAP packet can be exploited to cause a buffer overflow via a specially crafted POST request sent to TCP ports 8093 or 8094. 2) A boundary error within the agd component when calling the "encodeUsername()" function can be exploited to cause a heap-based buffer overflow via a specially crafted request sent to TCP ports 80 or 443. 3) A boundary error within the agsync library when handling the "username" parameter can be exploited to cause a heap-based buffer overflow via specially crafted SOAP or HTTP requests sent to TCP ports 80 and 443. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the following versions: * Sybase M-Business Anywhere versions 6.7 (Windows Build249.18612, SunOS Build250.18613, Linux Build251.18614) and later. * Sybase M-Business Anywhere versions 7.0 (Windows Build661.18594, SunOS Build664.18596, Linux Build663.18595) and later. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1, 2) AbdulAziz Hariri via ZDI. 3) Luigi Auriemma via ZDI. ORIGINAL ADVISORY: Sybase: http://www.sybase.com/detail?id=1093029 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-154/ http://www.zerodayinitiative.com/advisories/ZDI-11-155/ http://www.zerodayinitiative.com/advisories/ZDI-11-156/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 20:11:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 05:11:59 +0200 Subject: [SEC] [SA44509] SUSE update for exim Message-ID: <201105110311.p4B3Bx0G016694@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for exim SECUNIA ADVISORY ID: SA44509 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44509/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44509 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44509/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44509/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44509 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for exim. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA44467 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0456-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00014.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 20:47:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 05:47:11 +0200 Subject: [SEC] [SA44504] Fedora update for polkit Message-ID: <201105110347.p4B3lB7i006055@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for polkit SECUNIA ADVISORY ID: SA44504 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44504/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44504 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44504/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44504/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44504 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for polkit. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA44266 SOLUTION: Apply updated packages via the yum utility ("yum update polkit"). ORIGINAL ADVISORY: FEDORA-2011-5676: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059859.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 21:12:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 06:12:48 +0200 Subject: [SEC] [SA44487] EC-CUBE Cross-Site Request Forgery Vulnerability Message-ID: <201105110412.p4B4Cmou027381@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: EC-CUBE Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44487 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44487/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44487 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44487/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44487/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44487 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in EC-CUBE, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. ban an administrative user by tricking a logged-in administrator into visiting a malicious web site. The vulnerability is confirmed in version 2.4.4. Other versions may also be affected. SOLUTION: Update to version 2.11.1. PROVIDED AND/OR DISCOVERED BY: Masako Oono, via JVN. ORIGINAL ADVISORY: http://jvn.jp/en/jp/JVN37878530/index.html http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000029.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 10 21:47:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 06:47:31 +0200 Subject: [SEC] [SA44493] Exponent CMS Multiple Vulnerabilities Message-ID: <201105110447.p4B4lVgA016726@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Exponent CMS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44493 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44493/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44493 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44493/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44493/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44493 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in Exponent CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks and disclose sensitive information. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site. 2) Input passed via the "controller" parameter to content_selector.php (when "section" and "action" are set) is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. 3) Input passed via the "file" parameter to framework/modules/pixidou/download.php is not properly verified before being used to download files. This can be exploited to download arbitrary files from local resources via directory traversal sequences. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 2.0.0 beta2.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: 1) outlaw.dll 2-3) AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/Exponent-2.0.0-beta-1.1-Local-File-Inclusion---Arbitrary-Read-203 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 10:32:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 19:32:54 +0200 Subject: [SEC] [SA44545] SUSE update for libzip1 Message-ID: <201105111732.p4BHWsA1006494@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for libzip1 SECUNIA ADVISORY ID: SA44545 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44545/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44545 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44545/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44545/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44545 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libzip1. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43621 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0450-1: https://hermes.opensuse.org/messages/8356811 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 11:32:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 20:32:51 +0200 Subject: [SEC] [SA44557] SUSE update for tgt Message-ID: <201105111832.p4BIWp9g029365@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for tgt SECUNIA ADVISORY ID: SA44557 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44557/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44557 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44557/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44557/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44557 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for tgt. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43713 SOLUTION: Apply updated packages. Please see the vendor's advisory for more information. ORIGINAL ADVISORY: SUSE-SU-2011:0429-1: https://hermes.opensuse.org/messages/8356817 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 12:31:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 21:31:49 +0200 Subject: [SEC] [SA44559] SUSE update for dbus Message-ID: <201105111931.p4BJVnbx019796@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for dbus SECUNIA ADVISORY ID: SA44559 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44559/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44559 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44559/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44559/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44559 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for dbus. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA32127 SA42580 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SU-2011:0123-2: https://hermes.opensuse.org/messages/8356452 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 13:32:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 22:32:23 +0200 Subject: [SEC] [SA44555] Big Brother Arbitrary File Deletion and Upload Vulnerabilities Message-ID: <201105112032.p4BKWNQW010293@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Big Brother Arbitrary File Deletion and Upload Vulnerabilities SECUNIA ADVISORY ID: SA44555 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44555/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44555 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44555/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44555/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44555 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered two vulnerabilities in Big Brother, which can be exploited by malicious people to manipulate certain data and compromise a vulnerable system. 1) An input validation error in the Server service (bbntd.exe) when handling "page" requests can be exploited to delete arbitrary files via directory traversal specifiers sent in a specially crafted packet to TCP port 1984. 2) A second input validation error in the Server service (bbntd.exe) when handling "ack" requests can be exploited to upload arbitrary files via directory traversal specifiers sent in a specially crafted packet to TCP port 1984. The vulnerabilities are confirmed in version 4.40. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists). PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/bbntd_1-adv.txt http://aluigi.altervista.org/adv/bbntd_2-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 14:25:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 23:25:52 +0200 Subject: [SEC] [SA44549] SUSE update for libtiff Message-ID: <201105112125.p4BLPpoL000415@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for libtiff SECUNIA ADVISORY ID: SA44549 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44549/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44549 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44549/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44549/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44549 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libtiff. This fixes two vulnerabilities, which can be exploited by malicious people to potentially compromise an application using the library. For more information: SA43582 SA43593 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SU-2011:0463-1: https://hermes.opensuse.org/messages/8358691 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 14:46:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 11 May 2011 23:46:57 +0200 Subject: [SEC] [SA44544] Red Hat update for kernel Message-ID: <201105112146.p4BLkv0T021600@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA44544 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44544/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44544 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44544/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44544/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44544 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, bypass certain security restrictions, potentially gain escalated privileges, and cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service). For more information: SA42176 SA42365 SA43009 SA43127 SA43303 SA43358 SA43537 SA43668 SA44435 SA44442 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0498-1: https://rhn.redhat.com/errata/RHSA-2011-0498.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 15:12:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 00:12:05 +0200 Subject: [SEC] [SA44453] BMC Remedy Knowledge Management Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201105112212.p4BMC5WM010518@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: BMC Remedy Knowledge Management Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44453 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44453/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44453 RELEASE DATE: 2011-05-11 DISCUSS ADVISORY: http://secunia.com/advisories/44453/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44453/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44453 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Richard Brain has reported some vulnerabilities in BMC Remedy Knowledge Management, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "doc" parameter to external.jsp and viewdoc.jsp and the "startDate" parameter to search.jsp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the URL to usersettings.jsp and AttachmentServlet is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. The vulnerabilities are reported in version 7.5.00. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Richard Brain, ProCheckUp. ORIGINAL ADVISORY: ProCheckUp: http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 15:47:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 00:47:30 +0200 Subject: [SEC] [SA44527] syslog-ng PCRE Denial of Service Vulnerability Message-ID: <201105112247.p4BMlU30032281@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: syslog-ng PCRE Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44527 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44527/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44527 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44527/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44527/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44527 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in syslog-ng, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when handling certain regular expressions in combination with the "global" flag, which can be exploited to trigger an infinite loop and cause high CPU and memory consumption. Note: This may only be a problem when using certain PCRE versions (e.g. version 8.12). SOLUTION: Update to version 3.2.4. PROVIDED AND/OR DISCOVERED BY: Micah Anderson ORIGINAL ADVISORY: https://lists.balabit.hu/pipermail/syslog-ng/2011-April/016444.html https://lists.balabit.hu/pipermail/syslog-ng/2011-May/016576.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 16:13:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 01:13:23 +0200 Subject: [SEC] [SA44543] Red Hat update for kernel-rt Message-ID: <201105112313.p4BNDNe8021239@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel-rt SECUNIA ADVISORY ID: SA44543 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44543/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44543 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44543/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44543/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44543 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for kernel-rt. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, gain escalated privileges, and cause a DoS (Denial of Service), by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS (Denial of Service). For more information: SA43009 SA43358 SA43537 SA43693 SA43806 SA44136 SA44435 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0500-1: https://rhn.redhat.com/errata/RHSA-2011-0500.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 16:47:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 01:47:25 +0200 Subject: [SEC] [SA44560] Citrix XenServer Unspecified Denial of Service Weaknesses Message-ID: <201105112347.p4BNlPa1010541@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Citrix XenServer Unspecified Denial of Service Weaknesses SECUNIA ADVISORY ID: SA44560 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44560/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44560 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44560/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44560/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44560 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some weaknesses have been reported in Citrix XenServer, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service). For more information see vulnerability #1: SA44510 SOLUTION: Apply hotfix. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Citrix (CTX129208): http://support.citrix.com/article/CTX129208 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 17:18:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 02:18:56 +0200 Subject: [SEC] [SA44556] HP Intelligent Management Center Multiple Vulnerabilities Message-ID: <201105120018.p4C0IuVO032130@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP Intelligent Management Center Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44556 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44556/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44556 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44556/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44556/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44556 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in HP Intelligent Management Center (IMC), which can be exploited by malicious people to compromise a vulnerable system. 1) An input validation error in img.exe when processing certain packet fields can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to TCP port 8800. 2) An error in tftpserver.exe when processing Write Request (WRQ) packets can be exploited to upload arbitrary files. 3) A boundary error in dbman.exe when creating a log message to be stored in "dbman_debug.log" file can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to UDP port 2810. 4) A boundary error in tftpserver.exe when processing the TFTP Mode field can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to UDP port 69. 5) A boundary error in tftpserver.exe when processing TFTP DATA (opcode 0x03) and ERROR (opcode 0x05) packets can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to UDP port 69. 6) An indexing error in tftpserver.exe when accessing a table of function pointers using the TFTP Opcode field can be exploited to transfer program flow to an arbitrary memory location. 7) A use-after-free error in imcsyslogdm.exe when handling an error can be exploited via an overly long syslog packet (greater than 2048 bytes) sent to UDP port 514. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in versions PLAT 5.0 (E0101) and PLAT 5.0 (E0101L01). SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1, 3) AbdulAziz Hariri via ZDI 1, 2, 3, 4, 5, 6, 7) Luigi Auriemma via ZDI ORIGINAL ADVISORY: HPSBGN02680 SSRT100361: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822750 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-160/ http://www.zerodayinitiative.com/advisories/ZDI-11-161/ http://www.zerodayinitiative.com/advisories/ZDI-11-162/ http://www.zerodayinitiative.com/advisories/ZDI-11-163/ http://www.zerodayinitiative.com/advisories/ZDI-11-164/ http://www.zerodayinitiative.com/advisories/ZDI-11-165/ http://www.zerodayinitiative.com/advisories/ZDI-11-166/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 17:47:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 02:47:10 +0200 Subject: [SEC] [SA44514] SUSE update for kernel-rt Message-ID: <201105120047.p4C0lA44021179@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel-rt SECUNIA ADVISORY ID: SA44514 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44514/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44514 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44514/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44514/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44514 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for kernel-rt. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system and sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people to cause a DoS. For more information: SA27555 SA28696 SA41245 SA41263 SA41284 SA41440 SA41493 SA41650 SA42035 SA42061 SA42094 SA42176 SA42187 SA42684 SA42765 SA43009 SA43056 SA43291 SA43594 SA43639 SA43806 SOLUTION: Apply updated packages. Please see the vendor's advisory for more information. ORIGINAL ADVISORY: SUSE-SU-2011:0407-1: https://hermes.opensuse.org/messages/8356826 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 18:11:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 03:11:15 +0200 Subject: [SEC] [SA44508] FON La Fonera+ Denial of Service Vulnerability Message-ID: <201105120111.p4C1BFqN010048@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: FON La Fonera+ Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44508 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44508/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44508 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44508/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44508/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44508 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in FON La Fonera+, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error. No further information is currently available. SOLUTION: Reportedly, the vendor has released a fixed version. PROVIDED AND/OR DISCOVERED BY: Reported in a JVN note. ORIGINAL ADVISORY: JVN#96839637: http://jvn.jp/jp/JVN96839637/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 18:46:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 03:46:23 +0200 Subject: [SEC] [SA44510] Citrix XenServer Information Disclosure and Denial of Service Vulnerabilities Message-ID: <201105120146.p4C1kNlV031788@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Citrix XenServer Information Disclosure and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA44510 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44510/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44510 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44510/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44510/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44510 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some weaknesses and a security issue have been reported in Citrix XenServer, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service) and by malicious, local users to disclose sensitive information. 1) Unspecified errors exists, which can be exploited to interrupt normal operation of the hypervisor. No further information is currently available. Successful exploitation of this vulnerability requires administrative privileges on a guest operating system. 2) A security issue exists due to insecure logging of storage media credentials and can be exploited by local users to disclose logged credentials. SOLUTION: Apply hotfixes. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Citrix (CTX129208, CTX129228): http://support.citrix.com/article/CTX129208 http://support.citrix.com/article/CTX129228 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 19:16:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 04:16:14 +0200 Subject: [SEC] [SA44507] TYPO3 powermail Extension SQL Injection Vulnerability Message-ID: <201105120216.p4C2GEaI021363@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: TYPO3 powermail Extension SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44507 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44507/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44507 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44507/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44507/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44507 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the powermail extension for TYPO3, which can be exploited by malicious users to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires editor permissions and access to the powermail administration module. The vulnerability is reported in versions 1.6.0, 1.6.1, and 1.6.2. SOLUTION: Update to version 1.6.3. PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: TYPO3-SA-2011-004: http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-004/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 19:46:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 04:46:43 +0200 Subject: [SEC] [SA44208] SUSE update for otrs Message-ID: <201105120246.p4C2khRC010500@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for otrs SECUNIA ADVISORY ID: SA44208 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44208/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44208 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44208/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44208/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44208 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for otrs. This fixes some vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA44029 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0464-1: https://hermes.opensuse.org/messages/8361575 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 20:12:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 05:12:24 +0200 Subject: [SEC] [SA44506] Debian update for postfix Message-ID: <201105120312.p4C3CO4b031836@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for postfix SECUNIA ADVISORY ID: SA44506 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44506/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44506 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44506/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44506/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44506 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for postfix. This fixes two vulnerabilities, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA43646 SA44500 SOLUTION: Apply updated packages via the apt-get package manager. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 20:46:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 05:46:43 +0200 Subject: [SEC] [SA44517] SUSE update for postfix Message-ID: <201105120346.p4C3khba021147@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for postfix SECUNIA ADVISORY ID: SA44517 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44517/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44517 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44517/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44517/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44517 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA44500 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SA:2011:023: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 21:11:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 06:11:48 +0200 Subject: [SEC] [SA44505] RSA Data Loss Prevention Enterprise Manager Unspecified Cross-Site Scripting Vulnerability Message-ID: <201105120411.p4C4BmZc010065@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: RSA Data Loss Prevention Enterprise Manager Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44505 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44505/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44505 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44505/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44505/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44505 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in RSA Data Loss Prevention (DLP) Enterprise Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 8.x prior to 8.5 SP1. SOLUTION: Update to version 8.5 SP1. PROVIDED AND/OR DISCOVERED BY: The vendor credits National Australia Bank's Security Assurance team. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-04/att-0285/ESA-2011-015.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 21:46:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 06:46:45 +0200 Subject: [SEC] [SA44511] SUSE update for gnutls Message-ID: <201105120446.p4C4kjaO031797@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for gnutls SECUNIA ADVISORY ID: SA44511 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44511/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44511 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44511/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44511/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44511 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for gnutls. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA37292 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0415-1: https://hermes.opensuse.org/messages/8356821 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 11 22:13:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 07:13:14 +0200 Subject: [SEC] [SA44519] Ubuntu update for postfix Message-ID: <201105120513.p4C5DEW2020775@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for postfix SECUNIA ADVISORY ID: SA44519 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44519/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44519 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44519/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44519/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44519 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA44500 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1131-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-May/001329.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 10:32:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 19:32:08 +0200 Subject: [SEC] [SA44518] Palm WebOS Cross-Site Scripting and File System Access Security Bypass Vulnerabilities Message-ID: <201105121732.p4CHW8k0009345@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Palm WebOS Cross-Site Scripting and File System Access Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA44518 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44518/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44518 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44518/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44518/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44518 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Palm WebOS, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions. 1) Certain unspecified input is not properly sanitised by the Email application before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of the affected device. 2) An unspecified error can be exploited by Plug-in Development Kit (PDK) applications to gain write access to the file system and overwrite arbitrary files. Successful exploitation of this vulnerability may allow execution of arbitrary code, but requires tricking a user into installing a malicious application. The vulnerabilities are reported in versions 1.4.5 and 1.4.5.1. SOLUTION: Upgrade to version 2.1 or later available via the wireless carrier. PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits David Belcher, BlackBerry Security Research Group. 2) Reported by the vendor. ORIGINAL ADVISORY: HPSBMI02632 SSRT100379: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02822174 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 11:32:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 20:32:07 +0200 Subject: [SEC] [SA44356] ZyXEL ZyWALL Appliances Multiple Authentication Bypass Vulnerabilities Message-ID: <201105121832.p4CIW7r5032215@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: ZyXEL ZyWALL Appliances Multiple Authentication Bypass Vulnerabilities SECUNIA ADVISORY ID: SA44356 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44356/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44356 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44356/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44356/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44356 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in ZyXEL ZyWALL appliances, which can be exploited by malicious users and malicious people to bypass certain security restrictions. 1) An error exists within the authentication mechanism in the cgi-bin/export-cgi script, which can be exploited to download the configuration files. 2) An error exists within the authentication mechanism in the cgi-bin/file_upload-cgi script, which can be exploited to upload the arbitrary configuration files and gain administrative access to the device. 3) An error within the authentication mechanism in the management web interface can be exploited to gain administrative privileges to the device by setting the "isAdmin" variable to "true". Successful exploitation of this vulnerability requires "limited-admin" privileges. The vulnerabilities have been reported in the following devices: * ZyWALL USG-20 * ZyWALL USG-20W * ZyWALL USG-50 * ZyWALL USG-100 * ZyWALL USG-200 * ZyWALL USG-300 * ZyWALL USG-1000 * ZyWALL USG-1050 * ZyWALL USG-2000 SOLUTION: Reportedly, the vulnerabilities are fixed in the firmware released on April 25th, 2011. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: RedTeam Pentesting. ORIGINAL ADVISORY: RedTeam Pentesting: http://www.redteam-pentesting.de/advisories/rt-sa-2011-003.txt http://www.redteam-pentesting.de/advisories/rt-sa-2011-004.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 12:31:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 21:31:45 +0200 Subject: [SEC] [SA44546] SlimPDF Reader File Processing Buffer Overflow Vulnerability Message-ID: <201105121931.p4CJVjWK022689@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SlimPDF Reader File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44546 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44546/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44546 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44546/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44546/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44546 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SlimPDF Reader, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing PDF files and can be exploited to cause a heap-based buffer overflow by tricking a user into opening a specially crafted file. Successful exploitation may allow execution of arbitrary code, but requires that the application during installation was configured to be associated with PDF files (non-default option). The vulnerability is confirmed in version 1.0.0.1. Other versions may also be affected. SOLUTION: Do not open PDF files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Jason Kratzer and Nicolas Krassas ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17274/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 13:32:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 22:32:39 +0200 Subject: [SEC] [SA44578] NetBSD "fnmatch()" Denial of Service Vulnerability Message-ID: <201105122032.p4CKWd3p013205@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: NetBSD "fnmatch()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44578 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44578/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44578 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44578/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44578/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44578 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in NetBSD, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to the implementation of the "fnmatch()" function not properly limiting its recursions, which can be exploited to e.g. cause a high CPU consumption. SOLUTION: Fixed in the CVS repository. PROVIDED AND/OR DISCOVERED BY: Maksymilian Arciemowicz ORIGINAL ADVISORY: SecurityReason: http://securityreason.com/achievement_securityalert/98 NetBSD: http://cvsweb.netbsd.org/bsdweb.cgi/src/lib/libc/gen/fnmatch.c.diff?r1=1.21&r2=1.22&f=h OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 14:25:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 23:25:36 +0200 Subject: [SEC] [SA44481] PHProjekt Information Disclosure and Cross-Site Scripting Vulnerabilities Message-ID: <201105122125.p4CLPa8i003349@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: PHProjekt Information Disclosure and Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44481 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44481/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44481 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44481/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44481/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44481 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in PHProjekt, which can be exploited by malicious people to disclose sensitive information and conduct cross-site scripting attacks. 1) An unspecified error can be exploited to disclose certain sensitive information. No further information is currently available. 2) Certain input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 6.0.6. SOLUTION: Update to version 6.0.6. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://freshmeat.net/projects/phprojekt/releases/331727 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 14:46:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 12 May 2011 23:46:39 +0200 Subject: [SEC] [SA44575] HP Network Node Manager i Data and Log Files Access Security Issue Message-ID: <201105122146.p4CLkdCl024477@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: HP Network Node Manager i Data and Log Files Access Security Issue SECUNIA ADVISORY ID: SA44575 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44575/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44575 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44575/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44575/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44575 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in HP Network Node Manager i, which can be exploited by malicious, local users to disclose sensitive information and manipulate certain data. The security issue is caused due to an unspecified error and can be exploited to disclose and manipulate the contents of certain data and log files. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02672 SSRT100485: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02821425 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 15:11:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 00:11:37 +0200 Subject: [SEC] [SA44566] Drupal Taxonomy Access Control Lite Module Script Insertion Vulnerability Message-ID: <201105122211.p4CMBbj2013402@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Drupal Taxonomy Access Control Lite Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA44566 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44566/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44566 RELEASE DATE: 2011-05-12 DISCUSS ADVISORY: http://secunia.com/advisories/44566/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44566/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44566 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Taxonomy Access Control Lite module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain input is not properly sanitised before being displayed to the user via taxonomy names. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed by a user with "administer tac_lite" permissions. Successful exploitation requires "administer taxonomy" permissions. The vulnerability is reported in versions prior to 6.x-1.5. SOLUTION: Update to version 6.x-1.5. PROVIDED AND/OR DISCOVERED BY: The vendor credits AlexisWilke. ORIGINAL ADVISORY: SA-CONTRIB-2011-020: http://drupal.org/node/1154556 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 15:46:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 00:46:39 +0200 Subject: [SEC] [SA44499] Sun GlassFish Enterprise Server Authentication Bypass Vulnerability Message-ID: <201105122246.p4CMkdiG002715@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Sun GlassFish Enterprise Server Authentication Bypass Vulnerability SECUNIA ADVISORY ID: SA44499 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44499/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44499 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44499/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44499/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44499 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Core Security Technologies has reported a vulnerability in Sun GlassFish Enterprise Server, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to the administration console allowing unauthenticated access via the HTTP TRACE method. This can be exploited to bypass the authentication mechanism and gain access to certain information e.g. log viewer or JDBC connection pool properties. The vulnerability is reported in the following products: * Sun GlassFish Enterprise Server 2.1.1 * Sun GlassFish Enterprise Server 3.0.1 SOLUTION: Update to version 3.1. A fix for the 2.x branch is scheduled for July 2011. PROVIDED AND/OR DISCOVERED BY: Francisco Falcon, Core Security Technologies. ORIGINAL ADVISORY: Core Security Technologies (CORE-2010-1118): http://www.coresecurity.com/content/oracle-glassfish-server-administration-console-authentication-bypass OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 16:12:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 01:12:04 +0200 Subject: [SEC] [SA44564] Red Hat update for apr Message-ID: <201105122312.p4CNC44s024074@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for apr SECUNIA ADVISORY ID: SA44564 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44564/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44564 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44564/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44564/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44564 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for apr. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44490 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0507-1 http://rhn.redhat.com/errata/RHSA-2011-0507.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 16:46:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 01:46:23 +0200 Subject: [SEC] [SA44554] SUSE update for mono Message-ID: <201105122346.p4CNkNFL013396@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for mono SECUNIA ADVISORY ID: SA44554 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44554/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44554 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44554/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44554/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44554 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for mono. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA42174 SOLUTION: Apply updated packages via YaST Online Update or the SUSE FTP server. ORIGINAL ADVISORY: SUSE-SU-2011:0386-1: https://hermes.opensuse.org/messages/8356834 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 17:14:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 02:14:49 +0200 Subject: [SEC] [SA44565] Red Hat update for rdesktop Message-ID: <201105130014.p4D0En7P002433@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Red Hat update for rdesktop SECUNIA ADVISORY ID: SA44565 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44565/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44565 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44565/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44565/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44565 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA44200 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0506-01: https://rhn.redhat.com/errata/RHSA-2011-0506.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 17:46:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 02:46:56 +0200 Subject: [SEC] [SA44490] Apache APR "apr_fnmatch()" Pattern Processing Denial of Service Vulnerability Message-ID: <201105130046.p4D0kuhB024088@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache APR "apr_fnmatch()" Pattern Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44490 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44490/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44490 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44490/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44490/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44490 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache APR, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an infinite recursion error within the "apr_fnmatch()" function when processing certain patterns. This can be exploited to cause a stack overflow via a specially crafted request containing wildcard characters (e.g. "*"). The vulnerability is reported in versions prior to 1.4.4. SOLUTION: Update to version 1.4.4. PROVIDED AND/OR DISCOVERED BY: Maksymilian Arciemowicz ORIGINAL ADVISORY: Apache: http://www.apache.org/dist/apr/CHANGES-APR-1.4 SecurityReason: http://securityreason.com/achievement_securityalert/98 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 18:11:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 03:11:29 +0200 Subject: [SEC] [SA44574] Apache HTTP Server APR "apr_fnmatch()" Denial of Service Vulnerability Message-ID: <201105130111.p4D1BTtu012991@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Apache HTTP Server APR "apr_fnmatch()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44574 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44574/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44574 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44574/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44574/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44574 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44490 Successful exploitation requires that "mod_autoindex" is enabled. The vulnerability is reported in versions prior to 2.2.18. SOLUTION: Update to version 2.2.18. PROVIDED AND/OR DISCOVERED BY: Maksymilian Arciemowicz ORIGINAL ADVISORY: Apache: http://httpd.apache.org/security/vulnerabilities_22.html http://www.apache.org/dist/httpd/Announcement2.2.html SecurityReason: http://securityreason.com/achievement_securityalert/98 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 18:46:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 03:46:13 +0200 Subject: [SEC] [SA44466] Linux Kernel Bluetooth Memory Leak Weaknesses Message-ID: <201105130146.p4D1kDqK002278@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Linux Kernel Bluetooth Memory Leak Weaknesses SECUNIA ADVISORY ID: SA44466 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44466/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44466 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44466/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44466/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44466 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some weaknesses have been reported in the Linux Kernel, which can be exploited by malicious, local users to disclose certain system information. 1) The "l2cap_sock_getsockopt_old()" function in net/bluetooth/l2cap_sock.c does not properly initialise a structure before copying it to userspace, which can be exploited to disclose kernel stack memory. 2) The "rfcomm_sock_getsockopt_old()" function in net/bluetooth/rfcomm/sock.c does not properly initialise a structure before copying it to userspace, which can be exploited to disclose kernel stack memory. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Marek Kroemeke and Filip Palian ORIGINAL ADVISORY: https://lkml.org/lkml/2011/5/8/153 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 19:16:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 04:16:39 +0200 Subject: [SEC] [SA44541] Fedora update for seamonkey Message-ID: <201105130216.p4D2GdVs024335@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for seamonkey SECUNIA ADVISORY ID: SA44541 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44541/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44541 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44541/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44541/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44541 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SOLUTION: Apply updated packages via the yum utility ("yum update seamonkey"). ORIGINAL ADVISORY: FEDORA-2011-6245: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059996.html FEDORA-2011-6258: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059975.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 19:46:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 04:46:31 +0200 Subject: [SEC] [SA44483] Ubuntu update for exim Message-ID: <201105130246.p4D2kVCC013454@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Ubuntu update for exim SECUNIA ADVISORY ID: SA44483 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44483/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44483 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44483/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44483/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44483 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for exim4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA44467 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1130-1: http://www.ubuntu.com/usn/usn-1130-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 20:11:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 05:11:35 +0200 Subject: [SEC] [SA44486] Debian update for icedove Message-ID: <201105130311.p4D3BZeo002312@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for icedove SECUNIA ADVISORY ID: SA44486 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44486/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44486 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44486/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44486/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44486 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for thunderbird. This fixes some vulnerabilities, which can be exploited by malicious people to disclose sensitive information and compromise a user's system. For more information: SA44357 SA44407 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2235: http://www.debian.org/security/2011/dsa-2235 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 20:46:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 05:46:30 +0200 Subject: [SEC] [SA44488] Debian update for zodb Message-ID: <201105130346.p4D3kUqq024115@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Debian update for zodb SECUNIA ADVISORY ID: SA44488 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44488/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44488 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44488/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44488/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44488 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for zodb. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a vulnerable system. For more information: SA36204 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2234: http://www.debian.org/security/2011/dsa-2234 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 21:11:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 06:11:58 +0200 Subject: [SEC] [SA44482] CA eHealth Unspecified Cross-Site Scripting Vulnerability Message-ID: <201105130411.p4D4Bwt8013046@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: CA eHealth Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44482 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44482/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44482 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44482/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44482/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44482 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CA eHealth, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 6.0.x, 6.1.x, 6.2.1, and 6.2.2. SOLUTION: Apply patch for PRD 42339. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: The vendor credits Tony Fogarty. ORIGINAL ADVISORY: CA20110510-01: https://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID={5662845D-4CD7-4CE6-8829-4F07A4C67366} OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 21:48:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 06:48:16 +0200 Subject: [SEC] [SA44542] Fedora update for wordpress Message-ID: <201105130448.p4D4mGJj002458@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: Fedora update for wordpress SECUNIA ADVISORY ID: SA44542 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44542/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44542 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44542/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44542/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44542 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for wordpress. This fixes a security issue, which can be exploited by malicious users to bypass certain security restrictions. For more information: SA44372 SOLUTION: Apply updated packages via the yum utility ("yum update wordpress"). ORIGINAL ADVISORY: FEDORA-2011-6363: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059968.html FEDORA-2011-6380: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059986.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 12 22:18:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 07:18:17 +0200 Subject: [SEC] [SA44521] SUSE update for openssl Message-ID: <201105130518.p4D5IHva032632@CRON-IX-2.intnet> ---------------------------------------------------------------------- Secunia is hiring! http://secunia.com/company/jobs/ ---------------------------------------------------------------------- TITLE: SUSE update for openssl SECUNIA ADVISORY ID: SA44521 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44521/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44521 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44521/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44521/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44521 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for OpenSSL. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA42473 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0430-1: https://hermes.opensuse.org/messages/8356815 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 10:32:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 19:32:34 +0200 Subject: [SEC] [SA44569] HP Business Availability Center Unspecified Cross-Site Scripting Vulnerability Message-ID: <201105131732.p4DHWY4E006750@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: HP Business Availability Center Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44569 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44569/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44569 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44569/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44569/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44569 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Business Availability Center, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 8.06 and prior running on Windows and Solaris. SOLUTION: Apply hotfix. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMA02681 SSRT100493: http://www11.itrc.hp.com/service/cki/docDisplay.do?docId=emr_na-c02823184 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 11:32:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 20:32:58 +0200 Subject: [SEC] [SA44540] Movable Type MT-Cumulus Plugin "tagcloud" Cross-Site Scripting Vulnerability Message-ID: <201105131832.p4DIWw5Q029641@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Movable Type MT-Cumulus Plugin "tagcloud" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44540 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44540/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44540 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44540/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44540/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44540 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: MustLive has discovered a vulnerability in the MT-Cumulus plugin for Movable Type, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "tagcloud" parameter to mt-static/plugins/Cumulus/tagcloud.swf (when "mode" is set to "tags") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.02. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: MustLive ORIGINAL ADVISORY: http://websecurity.com.ua/5139/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 12:33:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 21:33:07 +0200 Subject: [SEC] [SA44585] SUSE update for perl Message-ID: <201105131933.p4DJX7YS020115@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for perl SECUNIA ADVISORY ID: SA44585 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44585/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44585 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44585/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44585/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44585 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for perl. This fixes a weakness and a vulnerability, which can be exploited by malicious people bypass certain security features and to cause a DoS (Denial of Service). For more information: SA43921 1) An error within the handling of certain regular expressions can be exploited to cause a crash. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0479-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00025.html SUSE-SU-2011:0486-1: https://hermes.opensuse.org/messages/8405801 Novell Bug #676086: https://bugzilla.novell.com/show_bug.cgi?id=676086 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 13:32:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 22:32:41 +0200 Subject: [SEC] [SA44553] IBM Datacap Taskmaster Capture Unspecified SQL Injection Vulnerability Message-ID: <201105132032.p4DKWfuA010570@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: IBM Datacap Taskmaster Capture Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44553 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44553/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44553 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44553/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44553/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44553 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM Datacap Taskmaster Capture, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input passed to the TMWeb component is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 8.0.1 Fix Pack 1. SOLUTION: Update to version 8.0.1 Fix Pack 1 PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg27021511&aid=1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 14:25:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 23:25:57 +0200 Subject: [SEC] [SA44570] SUSE update for java-1_4_2-ibm Message-ID: <201105132125.p4DLPvx9000687@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for java-1_4_2-ibm SECUNIA ADVISORY ID: SA44570 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44570/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44570 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44570/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44570/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44570 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1.4.2-ibm. This fixes multiple vulnerabilities, which can be exploited by malicious people to manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA43295 SOLUTION: Apply updated packages with the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0490-1: https://hermes.opensuse.org/messages/8407124 SUSE-SA:2011:024: http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00004.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 14:48:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 13 May 2011 23:48:08 +0200 Subject: [SEC] [SA44573] SUSE update for perl Message-ID: <201105132148.p4DLm8WA021918@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for perl SECUNIA ADVISORY ID: SA44573 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44573/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44573 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44573/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44573/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44573 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for perl. This fixes a weakness, which can be exploited by malicious people to bypass certain security features. For more information: SA43921 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0488-1: https://hermes.opensuse.org/messages/8407126 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 15:12:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 00:12:55 +0200 Subject: [SEC] [SA44548] SUSE update for pure-ftpd Message-ID: <201105132212.p4DMCtxK010812@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for pure-ftpd SECUNIA ADVISORY ID: SA44548 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44548/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44548 RELEASE DATE: 2011-05-13 DISCUSS ADVISORY: http://secunia.com/advisories/44548/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44548/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44548 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for pure-ftpd. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA43988 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0483-1: https://hermes.opensuse.org/messages/8394160 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 15:46:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 00:46:33 +0200 Subject: [SEC] [SA44587] SUSE update for vino Message-ID: <201105132246.p4DMkXuw032487@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for vino SECUNIA ADVISORY ID: SA44587 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44587/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44587 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44587/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44587/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44587 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for vino. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA44463 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0481-1: https://hermes.opensuse.org/messages/8394138 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 16:12:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 01:12:08 +0200 Subject: [SEC] [SA44586] SUSE update for kdelibs4 Message-ID: <201105132312.p4DNC8ZG021428@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for kdelibs4 SECUNIA ADVISORY ID: SA44586 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44586/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44586 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44586/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44586/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44586 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for kdelibs4. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA44065 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0480-1: https://hermes.opensuse.org/messages/8394139 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 16:46:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 01:46:56 +0200 Subject: [SEC] [SA44550] SUSE update for python Message-ID: <201105132346.p4DNkuZF010759@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for python SECUNIA ADVISORY ID: SA44550 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44550/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44550 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44550/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44550/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44550 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for python. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). For more information: SA43831 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0484-1: https://hermes.opensuse.org/messages/8394159 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 17:14:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 02:14:29 +0200 Subject: [SEC] [SA44583] SUSE update for webkit Message-ID: <201105140014.p4E0ETvn032186@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for webkit SECUNIA ADVISORY ID: SA44583 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44583 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44583/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44583/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44583 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for webkit. This fixes multiple vulnerabilities, where some have an unknown impact and others can be exploited by malicious people to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a user's system. For more information: SA40743 SA41888 SA42472 SA42850 SA42605 SA43193 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0482-1: https://hermes.opensuse.org/messages/8394137 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 17:46:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 02:46:42 +0200 Subject: [SEC] [SA44469] Debian update for exim4 Message-ID: <201105140046.p4E0kgEl021396@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Debian update for exim4 SECUNIA ADVISORY ID: SA44469 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44469/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44469 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44469/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44469/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44469 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for exim4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA44467 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2236-1: http://www.debian.org/security/2011/dsa-2236 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 18:11:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 03:11:44 +0200 Subject: [SEC] [SA44568] Red Hat update for flash-plugin Message-ID: <201105140111.p4E1Biuw010311@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for flash-plugin SECUNIA ADVISORY ID: SA44568 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44568 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44568/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44568/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44568 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for flash-plugin. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system. For more information: SA44590 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0511-1: https://rhn.redhat.com/errata/RHSA-2011-0511.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 18:47:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 03:47:30 +0200 Subject: [SEC] [SA44480] Adobe RoboHelp Unspecified Cross-Site Scripting Vulnerability Message-ID: <201105140147.p4E1lUBW032093@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Adobe RoboHelp Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44480 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44480/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44480 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44480/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44480/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44480 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Adobe RoboHelp, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in the following products: * RoboHelp versions 7 and 8. * RoboHelp Server versions 7 and 8. SOLUTION: Apply update (please see the vendor's advisory for details). Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits James Jardine, Jardine Software Inc. ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/bulletins/apsb11-09.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 19:21:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 04:21:10 +0200 Subject: [SEC] [SA44562] Open Classifieds Cross-Site Request Forgery Vulnerability Message-ID: <201105140221.p4E2LA9x021855@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Open Classifieds Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44562 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44562/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44562 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44562/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44562/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44562 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered a vulnerability in Open Classifieds, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrator password by tricking a logged in administrator into visiting a malicious web site. The vulnerability is confirmed in version 1.7.1.1. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while being logged in to the application. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB22980: http://www.htbridge.ch/advisory/xsrf_csrf_in_open_classifieds.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 19:50:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 04:50:19 +0200 Subject: [SEC] [SA44588] Adobe Audition SES Session File Processing Buffer Overflow Vulnerabilities Message-ID: <201105140250.p4E2oJmJ010943@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Adobe Audition SES Session File Processing Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA44588 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44588/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44588 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44588/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44588/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44588 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Adobe Audition, which can be exploited by malicious people to compromise a user's system. 1) An error when processing SES session files (".ses") can be exploited to cause a buffer overflow via a specially crafted file. 2) An error when parsing certain fields of the TRKM chunk within a SES session file (".ses") can be exploited to cause a buffer overflow via a specially crafted file. The vulnerabilities are reported in version 3.0.1 and earlier. SOLUTION: Upgrade to Audition CS5.5. PROVIDED AND/OR DISCOVERED BY: 1) Gjoko Krstic, Zero Science Lab 2) Diego Juarez, Eduardo Koch, and Laura Balian, Core Security Technologies ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/bulletins/apsb11-10.html Zero Science Lab: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5012.php Core Security Technologies: http://www.coresecurity.com/content/Adobe-Audition-malformed-SES-file OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 20:12:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 05:12:10 +0200 Subject: [SEC] [SA44590] Adobe Flash Player Multiple Vulnerabilities Message-ID: <201105140312.p4E3CAxo032098@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Adobe Flash Player Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44590 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44590/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44590 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44590/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44590/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44590 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Adobe Flash Player, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system. 1) An unspecified error can be exploited to disclose certain information. 2) An integer overflow error can be exploited to potentially execute arbitrary code. 3) An unspecified error can be exploited to corrupt memory. 4) A second unspecified error can be exploited to corrupt memory. 5) A third unspecified error can be exploited to corrupt memory. 6) A fourth unspecified error can be exploited to corrupt memory. 7) A boundary error can be exploited to potentially execute arbitrary code. 8) A second boundary error can be exploited to potentially execute arbitrary code. 9) A third boundary error can be exploited to potentially execute arbitrary code. 10) A fourth boundary error can be exploited to potentially execute arbitrary code. 11) An unspecified error can be exploited to corrupt memory. The vulnerabilities are reported in the following versions: * Adobe Flash Player 10.2.159.1 and earlier for Windows, Macintosh, Linux and Solaris. * Adobe Flash Player 10.2.154.28 and earlier for Chrome. * Adobe Flash Player 10.2.157.51 and earlier for Android. SOLUTION: Apply updates. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1, 11) Reported by the vendor. The vendor also credits the following people: 2) binaryproof via iDefense 3) Marc Schoenefeld, Red Hat Security Response Team 4) Vitaliy Toropov via iDefense 5) Bo Qu, Palo Alto Networks 6) Honggang Ren, Fortinet's FortiGuard Labs 7) Yamata Li, Palo Alto Networks 8, 9, 10) Tavis Ormandy, Google Security Team 9, 10) Will Dormann, US-CERT ORIGINAL ADVISORY: Adobe (APSB11-12): http://www.adobe.com/support/security/bulletins/apsb11-12.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 20:46:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 05:46:27 +0200 Subject: [SEC] [SA44531] SUSE update for cronie Message-ID: <201105140346.p4E3kRv8021413@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for cronie SECUNIA ADVISORY ID: SA44531 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44531/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44531 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44531/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44531/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44531 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for cronie. This fixes a weakness, which potentially can be exploited by malicious, local users to perform certain actions with escalated privileges. The weakness is caused due to the application not properly dropping certain privileges before invoking other applications, which can lead to child processes running with unintended privileges. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0452-1: http://lists.opensuse.org/opensuse-updates/2011-05/msg00012.html Novell Bug #690166: https://bugzilla.novell.com/show_bug.cgi?id=690166 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 21:14:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 06:14:13 +0200 Subject: [SEC] [SA44589] Adobe Flash Media Server Two Vulnerabilities Message-ID: <201105140414.p4E4EDrv010438@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Adobe Flash Media Server Two Vulnerabilities SECUNIA ADVISORY ID: SA44589 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44589/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44589 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44589/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44589/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44589 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Adobe Flash Media Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. 1) A vulnerability exists in the bundled version of OpenSSL. For more information: SA42243 2) An unspecified error when handling certain XML data can be exploited to cause a DoS. The vulnerabilities are reported in the following versions running on Windows and Linux: * Adobe Flash Media Server version 4.0.1 and earlier. * Adobe Flash Media Server version 3.5.5 and earlier. SOLUTION: Update to version 3.5.6 or 4.0.2. PROVIDED AND/OR DISCOVERED BY: 2) The vendor credits Dirk Neely, Stickam. ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/bulletins/apsb11-11.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 21:47:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 06:47:59 +0200 Subject: [SEC] [SA44591] Google Chrome Multiple Vulnerabilities Message-ID: <201105140447.p4E4lx49032131@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44591 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44591/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44591 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44591/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44591/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44591 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system. 1) The application bundles a vulnerable version of Adobe Flash Player. For more information: SA44590 2) An error within WebKit glue may result in an incorrect type cast. 3) Multiple integer overflow errors exist within the handling of SVG filters. SOLUTION: Update to version 11.0.696.68. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 2) SkyLined, Google Chrome Security Team. 3) Cris Neckar, Google Chrome Security Team. ORIGINAL ADVISORY: Google: http://feeds.feedburner.com/GoogleChromeReleases OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 13 22:12:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 14 May 2011 07:12:08 +0200 Subject: [SEC] [SA44433] Mahara Multiple Vulnerabilities Message-ID: <201105140512.p4E5C8XJ021000@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Mahara Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44433 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44433/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44433 RELEASE DATE: 2011-05-14 DISCUSS ADVISORY: http://secunia.com/advisories/44433/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44433/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44433 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Mahara, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks. 1) An error in artefact/plans/viewtasks.json.php, artefact/blog/posts.json.php, and blocktype/myfriends/myfriends.json.php when checking a user's permission can be exploited to access restricted views. 2) An error in view/newviewtoken.json.php, artefact/plans/tasks.json.php, and artefact/blog/view/index.json.php when checking a user's permission can be exploited to edit restricted views. 3) An error in admin/users/search.json.php due to the "INSTITUTIONALADMIN" permission not being checked can be exploited to search and suspend other users. 4) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an arbitrary user with administrative privileges if a logged-in administrative user visits a malicious web site. 5) Input passed via certain email fields (e.g. title, body, and author) as a result of forum posts and view feedback notifications is not properly sanitised in artefact/comment/lib.php and interaction/forum/lib.php before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in version 1.3.5. Prior versions may also be affected. SOLUTION: Update to version 1.3.6. PROVIDED AND/OR DISCOVERED BY: 1, 2, 3, 5) Reporter by the vendor. 4) The vendor credits Bart van Delft. ORIGINAL ADVISORY: https://launchpad.net/mahara/+milestone/1.3.6 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 10:30:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 May 2011 19:30:56 +0200 Subject: [SEC] [SA44593] Jcow "p" Local File Inclusion Vulnerability Message-ID: <201105161730.p4GHUukG008758@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Jcow "p" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA44593 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44593 RELEASE DATE: 2011-05-16 DISCUSS ADVISORY: http://secunia.com/advisories/44593/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44593/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44593 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Jcow, which can be exploited by malicious people to disclose sensitive information. Input passed to the "p" parameter in index.php is not properly verified before being used in includes/libs/apps.inc.php to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. The vulnerability has been confirmed in version 4.2.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/Jcow-4.2.1-Local-File-Inclusion-211 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 11:30:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 May 2011 20:30:33 +0200 Subject: [SEC] [SA44584] DocMGR "f" Cross-Site Scripting Vulnerability Message-ID: <201105161830.p4GIUXVg031618@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: DocMGR "f" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44584 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44584/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44584 RELEASE DATE: 2011-05-16 DISCUSS ADVISORY: http://secunia.com/advisories/44584/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44584/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44584 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in DocMGR, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "f" parameter to history.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.1.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/docMGR-1.1.2-Reflected-Cross-site-Scripting-213 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 12:31:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 May 2011 21:31:16 +0200 Subject: [SEC] [SA44551] GuppY Unspecified Vulnerability Message-ID: <201105161931.p4GJVG1s022130@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: GuppY Unspecified Vulnerability SECUNIA ADVISORY ID: SA44551 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44551/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44551 RELEASE DATE: 2011-05-16 DISCUSS ADVISORY: http://secunia.com/advisories/44551/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44551/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44551 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with an unknown impact has been reported in GuppY. The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in versions prior to 4.6.14. SOLUTION: Update to version 4.6.14. PROVIDED AND/OR DISCOVERED BY: The vendor credits Antoine CERVOISE. ORIGINAL ADVISORY: http://www.freeguppy.org/thread.php?lng=en&pg=225240&fid=1&cat=200 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 13:30:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 May 2011 22:30:28 +0200 Subject: [SEC] [SA44595] NoticeBoardPro SQL Injection and Arbitrary File Upload Vulnerabilities Message-ID: <201105162030.p4GKUSKn012570@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: NoticeBoardPro SQL Injection and Arbitrary File Upload Vulnerabilities SECUNIA ADVISORY ID: SA44595 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44595/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44595 RELEASE DATE: 2011-05-16 DISCUSS ADVISORY: http://secunia.com/advisories/44595/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44595/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44595 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered two vulnerabilities in NoticeBoardPro, which can be exploited by malicious people to conduct SQL injection attacks and compromise a vulnerable system. 1) Input passed via the "userID" parameter to deleteItem3.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. 2) The editItem1.php script does not properly validate uploaded files, which can be exploited to e.g. execute arbitrary PHP code by uploading a PHP file. The vulnerabilities are confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. Restrict access to the photos directory (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/NoticeBoardPro-1.0-SQL-Injection-209 http://www.autosectools.com/Advisory/NoticeBoardPro-1.0-Arbitrary-Upload-208 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 14:24:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 May 2011 23:24:59 +0200 Subject: [SEC] [SA44520] Jcow "p" Local File Inclusion Vulnerability Message-ID: <201105162124.p4GLOxNT002767@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Jcow "p" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA44520 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44520/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44520 RELEASE DATE: 2011-05-16 DISCUSS ADVISORY: http://secunia.com/advisories/44520/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44520/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44520 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Jcow, which can be exploited by malicious people to disclose sensitive information. Input passed to the "p" parameter in index.php is not properly verified before being used in includes/libs/apps.inc.php to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. The vulnerability has been confirmed in version 5 trial. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/Jcow-4.2.1-Local-File-Inclusion-211 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 14:46:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 16 May 2011 23:46:03 +0200 Subject: [SEC] [SA44561] BMC Dashboards for BSM Multiple Vulnerabilities Message-ID: <201105162146.p4GLk387023928@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: BMC Dashboards for BSM Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44561 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44561/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44561 RELEASE DATE: 2011-05-16 DISCUSS ADVISORY: http://secunia.com/advisories/44561/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44561/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44561 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in BMC Dashboards for BSM, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks and disclose sensitive information. 1) Input passed via the URL to bmc_help2u/help_services/html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "msg" parameter to bmc_help2u/servlet/helpServlet2u is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Certain input passed to bsmdashboards/messagebroker/amfsecure is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) The application bundles a vulnerable version of Adobe BlazeDS. For more information: SA38543 5) Input passed via the "URL" parameter to bmc_help2u/help_services/html/index.htm is not properly verified before being linked into the frameset, which can be used to conduct spoofing or phishing attacks. NOTE: A weakness, which could lead to disclosure of files from the web root has also been reported. The vulnerabilities are reported in version 7.6.01. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Richard Brain and Jan Fry, ProCheckUp. ORIGINAL ADVISORY: ProCheckUp: http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-18 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 15:11:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 00:11:01 +0200 Subject: [SEC] [SA44603] Fedora update for perl-Mojolicious Message-ID: <201105162211.p4GMB16k012831@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for perl-Mojolicious SECUNIA ADVISORY ID: SA44603 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44603 RELEASE DATE: 2011-05-16 DISCUSS ADVISORY: http://secunia.com/advisories/44603/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44603/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44603 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for perl-Mojolicious. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks. For more information see vulnerability #2 in: SA44051 SOLUTION: Apply updated packages via the yum utility ("yum update perl-Mojolicious"). ORIGINAL ADVISORY: FEDORA-2011-6465: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060122.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 15:46:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 00:46:08 +0200 Subject: [SEC] [SA44581] openQRM "source_tab" Cross-Site Scripting Vulnerability Message-ID: <201105162246.p4GMk84a002138@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: openQRM "source_tab" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44581 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44581/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44581 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44581/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44581/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44581 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in openQRM, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "source_tab" parameter in base/plugins/zfs-storage/zfs-storage-action.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires the zfs-storage plug-in to be installed and enabled. The vulnerability is confirmed in version 4.8. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/openQRM-4.8-Reflected-Cross-site-Scripting-216 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 16:11:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 01:11:48 +0200 Subject: [SEC] [SA44576] Hitachi JP1 Products Java Double Literal Denial of Service Vulnerability Message-ID: <201105162311.p4GNBmV7023541@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Hitachi JP1 Products Java Double Literal Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44576 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44576/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44576 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44576/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44576/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44576 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has acknowledged a vulnerability in JP1 products, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #1 in: SA43262 Please see the vendor's advisory for the list of affected products. SOLUTION: Update to a fixed version. Please see the vendor's advisory for more details. ORIGINAL ADVISORY: Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-008/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 16:46:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 01:46:29 +0200 Subject: [SEC] [SA44609] Slackware update for apr and apr-util Message-ID: <201105162346.p4GNkTGu012870@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Slackware update for apr and apr-util SECUNIA ADVISORY ID: SA44609 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44609/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44609 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44609/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44609/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44609 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for apr and apr-util. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44490 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SSA:2011-133-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.705697 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 17:14:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 02:14:27 +0200 Subject: [SEC] [SA44619] Fedora update for perl-Mojolicious Message-ID: <201105170014.p4H0ER04001863@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for perl-Mojolicious SECUNIA ADVISORY ID: SA44619 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44619/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44619 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44619/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44619/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44619 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for perl-Mojolicious. This fixes two vulnerabilities, where one has an unknown impact and the other can be exploited by malicious users to conduct script insertion attacks. For more information see vulnerability #2 in: SA44051 1) The vulnerability is caused due to an unspecified error related to HMAC-MD5 checksums. No further information is currently available. SOLUTION: Apply updated packages via the yum utility ("yum update perl-Mojolicious"). PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. ORIGINAL ADVISORY: FEDORA-2011-6462: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060126.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 17:46:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 02:46:47 +0200 Subject: [SEC] [SA44577] Crucible Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201105170046.p4H0klHf023556@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Crucible Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44577 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44577/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44577 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44577/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44577/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44577 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Crucible, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Certain input passed to Snippets is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain input passed to Author Mapping is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Certain input passed via changeset comments in the search results is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Certain input passed to the comments search is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 5) Certain input passed via the dashboard review activity is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 6) Certain input passed to the reviews list is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Please see the vendor's advisory for the list of affected versions. SOLUTION: Update to version 2.5.4. PROVIDED AND/OR DISCOVERED BY: 1 - 4) Reported by the vendor. 5, 6) The vendor credits Marian Ventuneac. ORIGINAL ADVISORY: http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2011-05-16 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 18:11:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 03:11:41 +0200 Subject: [SEC] [SA44592] allocPSA "sessID" Cross-Site Scripting Vulnerability Message-ID: <201105170111.p4H1BfmU012460@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: allocPSA "sessID" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44592 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44592/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44592 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44592/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44592/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44592 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in allocPSA, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "sessID" parameter in login/login.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the user is not logged-in. The vulnerability is confirmed in version 1.7.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/allocPSA-1.7.4-Reflected-Cross-site-Scripting-212 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 18:46:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 03:46:27 +0200 Subject: [SEC] [SA44513] GuppY Cross-Site Request Forgery Vulnerability Message-ID: <201105170146.p4H1kRX3001744@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: GuppY Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44513 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44513/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44513 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44513/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44513/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44513 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in GuppY, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change an administrator's email address if a logged-in administrative user visits a malicious web site. The vulnerability is confirmed in version 4.6.14. Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: KedAns-Dz OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 19:17:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 04:17:47 +0200 Subject: [SEC] [SA44600] Winamp MIDI System Exclusive Message Processing Integer Underflow Vulnerability Message-ID: <201105170217.p4H2HlTU023860@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Winamp MIDI System Exclusive Message Processing Integer Underflow Vulnerability SECUNIA ADVISORY ID: SA44600 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44600/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44600 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44600/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44600/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44600 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Alexander Gavrun has discovered a vulnerability in Winamp, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer underflow error when processing System Exclusive (SysEx) MIDI messages. This can be exploited to cause a heap-based buffer overflow via a specially crafted MIDI file. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in version 5.61. Other versions may also be affected. SOLUTION: Do not open MIDI files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Alexander Gavrun ORIGINAL ADVISORY: http://0x1byte.blogspot.com/2011/05/winamp-inmidi-component-heap-overflow.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 19:45:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 04:45:38 +0200 Subject: [SEC] [SA44477] SecureSphere Web Application Firewall Security Bypass Vulnerability Message-ID: <201105170245.p4H2jccJ012893@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SecureSphere Web Application Firewall Security Bypass Vulnerability SECUNIA ADVISORY ID: SA44477 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44477/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44477 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44477/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44477/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44477 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Piotr Duszynski has reported a vulnerability in SecureSphere Web Application Firewall, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error when filtering web requests and can be exploited to bypass the firewall's SQL injection filtering protection. The vulnerability is reported in version 7.0, 7.5, and 8.0. Other versions may also be affected. SOLUTION: Apply the ADC Content Update from August 12, 2010. PROVIDED AND/OR DISCOVERED BY: Piotr Duszynski (drk1wi) ORIGINAL ADVISORY: http://duszynski.eu/vuln01.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 20:10:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 05:10:38 +0200 Subject: [SEC] [SA44620] Fedora update for tor Message-ID: <201105170310.p4H3Acox001734@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for tor SECUNIA ADVISORY ID: SA44620 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44620/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44620 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44620/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44620/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44620 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for tor. This fixes a weakness and two vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA42907 SOLUTION: Apply updated packages via the yum utility ("yum update tor"). ORIGINAL ADVISORY: FEDORA-2011-0642: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060123.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 20:25:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 05:25:05 +0200 Subject: [SEC] [SA44617] SUSE update for flash-player Message-ID: <201105170325.p4H3P5MJ022625@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for flash-player SECUNIA ADVISORY ID: SA44617 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44617/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44617 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44617/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44617/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44617 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for flash-player. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system. For more information: SA44590 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0492-1: https://hermes.opensuse.org/messages/8417549 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 20:46:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 05:46:05 +0200 Subject: [SEC] [SA44622] FishEye Two Cross-Site Scripting Vulnerabilities Message-ID: <201105170346.p4H3k5Rc011348@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: FishEye Two Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44622 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44622/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44622 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44622/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44622/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44622 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in FishEye, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information see vulnerabilities #5 and #6 in: SA44577 The vulnerabilities are reported in versions 2.2.8 through 2.5.2. SOLUTION: Update to version 2.5.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits Marian Ventuneac. ORIGINAL ADVISORY: http://confluence.atlassian.com/display/FISHEYE/FishEye+and+Crucible+Security+Advisory+2011-05-16 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 21:11:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 06:11:06 +0200 Subject: [SEC] [SA44621] Fedora update for acpid Message-ID: <201105170411.p4H4B6Zq032661@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for acpid SECUNIA ADVISORY ID: SA44621 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44621/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44621 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44621/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44621/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44621 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for acpid. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA42947 SOLUTION: Apply updated packages via the yum utility ("yum update acpid"). ORIGINAL ADVISORY: FEDORA-2011-6460: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060053.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 21:46:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 06:46:37 +0200 Subject: [SEC] [SA44411] Debian update for apr Message-ID: <201105170446.p4H4kbXR022029@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Debian update for apr SECUNIA ADVISORY ID: SA44411 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44411/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44411 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44411/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44411/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44411 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for apr. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44490 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2237-1: http://www.debian.org/security/2011/dsa-2237 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 16 22:11:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 07:11:29 +0200 Subject: [SEC] [SA44460] keepalived Insecure PID Files Security Issue Message-ID: <201105170511.p4H5BT20010941@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: keepalived Insecure PID Files Security Issue SECUNIA ADVISORY ID: SA44460 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44460/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44460 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44460/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44460/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44460 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in keepalived, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The security issue is caused due to keepalived creating PID files with insecure permissions, which can be exploited to e.g. terminate other processes by exchanging the process ID stored in the PID file. The security issue is reported in version 1.2.2. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: helpermn ORIGINAL ADVISORY: http://lists.debian.org/debian-security/2011/05/msg00012.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 10:31:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 19:31:02 +0200 Subject: [SEC] [SA44524] GEAR CD DVD Filter Driver Two Denial of Service Weaknesses Message-ID: <201105171731.p4HHV2Y8031938@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: GEAR CD DVD Filter Driver Two Denial of Service Weaknesses SECUNIA ADVISORY ID: SA44524 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44524/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44524 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44524/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44524/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44524 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two weaknesses have been discovered in GEAR CD DVD Filter Driver, which can be exploited by malicious, local users to cause a DoS (Denial of Service). 2) An array indexing error in the GEARAspiWDM.sys driver when accessing a table of pointers can be exploited to access invalid memory and cause a crash via a specially crafted 0X00222008 IOCTL. 2) A second array indexing error in the GEARAspiWDM.sys driver when accessing a table of pointers can be exploited to access invalid memory and cause a crash via a specially crafted 0X00222010 IOCTL. The weaknesses are confirmed in the following products (other versions may also be affected): * GEAR CD DVD Filter Driver version 2.2.0.1. * GEAR ISO Burn version 1.7.1. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Originally reported in Symantec Backup Exec System Recovery by Stefan LE BERRE (Heurs). Additional information provided by Secunia Research. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 11:32:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 20:32:13 +0200 Subject: [SEC] [SA44572] OpenSSL ECDSA Timing Attack Weakness Message-ID: <201105171832.p4HIWDPt022483@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: OpenSSL ECDSA Timing Attack Weakness SECUNIA ADVISORY ID: SA44572 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44572/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44572 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44572/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44572/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44572 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in OpenSSL, which can be exploited by malicious people to disclose potentially sensitive information. The weakness is caused due to the implementation of the Elliptic Curve Digital Signature Algorithm (ECDSA) not properly preventing timing attacks, which can be exploited to e.g. disclose the private key of a TLS server using ECDSA signatures. SOLUTION: Use another signature algorithm. PROVIDED AND/OR DISCOVERED BY: Billy Bob Brumley and Nicola Tuveri ORIGINAL ADVISORY: Remote Timing Attacks are Still Practical: http://eprint.iacr.org/2011/232.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 12:35:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 21:35:07 +0200 Subject: [SEC] [SA44598] PHPCalendar Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201105171935.p4HJZ7Nu013074@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: PHPCalendar Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA44598 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44598/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44598 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44598/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44598/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44598 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in PHPCalendar, which can be exploited by malicious people to conduct cross-site scripting and script insertion attacks. 1) Input passed via the "month" and "year" parameters to index.php and the "id" parameter to event_delete.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "title" parameter to event_add.php (when "day", "month", and "year" are set to arbitrary values) is not properly sanitised in event.php before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will execute in a user's browser session in context of an affected site when the malicious event is being viewed. The vulnerabilities are confirmed in version 2.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: http://www.htbridge.ch/advisory/multiple_xss_cross_site_scripting_vulnerabilities_in_php_calendar_basic.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 13:31:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 22:31:49 +0200 Subject: [SEC] [SA44552] Ubuntu update for apturl Message-ID: <201105172031.p4HKVndb003399@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Ubuntu update for apturl SECUNIA ADVISORY ID: SA44552 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44552/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44552 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44552/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44552/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44552 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for apturl. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to an error when processing certain URLs and can be exploited to cause a crash via an overly long URL. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1132-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-May/001330.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 14:27:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 23:27:08 +0200 Subject: [SEC] [SA44629] Symantec System Recovery Two Denial of Service Weaknesses Message-ID: <201105172127.p4HLR842026088@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Symantec System Recovery Two Denial of Service Weaknesses SECUNIA ADVISORY ID: SA44629 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44629/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44629 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44629/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44629/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44629 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two weaknesses have been discovered in Symantec System Recovery, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA44524 The weaknesses are confirmed in version 2011 10.0.0.39952 (reported in version 8.5). Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Stefan LE BERRE (Heurs). OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 14:47:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 17 May 2011 23:47:09 +0200 Subject: [SEC] [SA44475] Keyfax Customer Response Management Cross-Site Scripting and Information Disclosure Message-ID: <201105172147.p4HLl9Zc014762@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Keyfax Customer Response Management Cross-Site Scripting and Information Disclosure SECUNIA ADVISORY ID: SA44475 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44475/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44475 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44475/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44475/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44475 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and two vulnerabilities have been reported in Keyfax Customer Response Management, which can be exploited by malicious people to conduct cross-site scripting attacks and disclose sensitive information. 1) Input passed via the "co" parameter to keyfax32/test/response.asp and the "C" parameter to keyfax32/rs/main_rs.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The security issue is caused due to the application not properly restricting access to the KFLauncher/KF_config.xml and KFLauncher/KFRDROL__config.xml configuration files, which stores certain credentials in clear text. The security issue and the vulnerabilities are reported in version 3.2.2.6. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Richard Brain, ProCheckUp. ORIGINAL ADVISORY: ProCheckUp: http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-17 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 15:11:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 00:11:36 +0200 Subject: [SEC] [SA44579] Vanilla Forums "p" File Inclusion Vulnerability Message-ID: <201105172211.p4HMBaGU003642@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Vanilla Forums "p" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA44579 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44579/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44579 RELEASE DATE: 2011-05-17 DISCUSS ADVISORY: http://secunia.com/advisories/44579/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44579/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44579 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Vanilla Forums, which can be exploited by malicious people to disclose sensitive information. Input passed via the "p" parameter to index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 2.0.17.9. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools. ORIGINAL ADVISORY: AutoSec Tools: http://www.autosectools.com/Advisory/Vanilla-Forum-2.0.17.9-Local-File-Inclusion-218 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 15:47:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 00:47:18 +0200 Subject: [SEC] [SA44567] IBM Informix Storage Manager "pmap_set" Handling Security Bypass Message-ID: <201105172247.p4HMlIbr025425@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: IBM Informix Storage Manager "pmap_set" Handling Security Bypass SECUNIA ADVISORY ID: SA44567 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44567/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44567 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44567/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44567/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44567 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM Informix Storage Manager, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the RPC library (librpc.dll) within the portmapper service when handling the "pmap_set" command. This can be exploited to bypass some access restrictions and execute certain service commands (e.g. unregister or register RPC services) via spoofed UDP packets. The vulnerability is reported in versions 11.10, 11.50, and 11.70. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: An anonymous person via ZDI. ORIGINAL ADVISORY: IBM (IC76179, IC76177, IC76178): http://www.ibm.com/support/docview.wss?uid=swg1IC76179 http://www.ibm.com/support/docview.wss?uid=swg1IC76177 http://www.ibm.com/support/docview.wss?uid=swg1IC76178 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-168/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 16:11:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 01:11:48 +0200 Subject: [SEC] [SA44601] Pligg CMS "scategory" SQL Injection Vulnerability Message-ID: <201105172311.p4HNBmAg014329@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Pligg CMS "scategory" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44601 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44601/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44601 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44601/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44601/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44601 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Pligg CMS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "scategory" parameter to search.php (when "adv" is set to "1" and "search" is set to some value) and rsssearch.php (when "adv" is set to "1") is not properly sanitised before being used in a SQL query in libs/search.php. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.1.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Null-0x00 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 16:50:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 01:50:34 +0200 Subject: [SEC] [SA44605] Joomla! DOCman Component SQL Injection Vulnerability Message-ID: <201105172350.p4HNoYEB003833@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Joomla! DOCman Component SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44605 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44605/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44605 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44605/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44605/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44605 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the DOCman component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input passed to the "search" functionality is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 1.4.2 and 1.5.10. SOLUTION: Update to version 1.4.2 or 1.5.10. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: DOCman: http://blog.joomlatools.eu/2011/01/docman-1510-and-142-released.html http://www.joomlatools.eu/products/docman/changelog.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 17 17:16:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 02:16:18 +0200 Subject: [SEC] [SA44626] EMC SourceOne Email Management ASP.NET Trace Information Disclosure Message-ID: <201105180016.p4I0GInf025198@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: EMC SourceOne Email Management ASP.NET Trace Information Disclosure SECUNIA ADVISORY ID: SA44626 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44626/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44626 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44626/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44626/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44626 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in EMC SourceOne Email Management, which can be exploited by malicious users to disclose sensitive information. The weakness is caused due to ASP.NET trace being enabled in the Mobile Services component, which can lead to certain information being disclosed via the trace file. The weakness is reported in the following products: * EMC SourceOne Email Management for Microsoft Exchange 6.5.2.3668 (SP2 HF3) and prior. * EMC SourceOne Email Management for Notes/Domino 6.5.2.3668 (SP2 HF3) and prior. * EMC SourceOne Email Management for Microsoft Exchange 6.6.0.1209 (HF1) and prior. * EMC SourceOne Email Management for Notes/Domino 6.6.0.1209 (HF1) and prior. SOLUTION: Disable ASP.NET trace. Please see the vendor's advisory for more information. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: EMC (ESA-2011-016): http://archives.neohapsis.com/archives/bugtraq/2011-05/att-0117/ESA-2011-016.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 10:30:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 19:30:49 +0200 Subject: [SEC] [SA44596] Network Block Device Two Denial of Service Vulnerabilities Message-ID: <201105181730.p4IHUnPO027566@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Network Block Device Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA44596 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44596/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44596 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44596/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44596/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44596 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in Network Block Device (nbd), which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error within the "serveloop()" function in ndb-server.c can be exploited to cause a NULL pointer dereference by sending certain negotiation packets to a vulnerable server. 2) An error within the "negotiate()" function in nbd-server.c when processing negotiation packets with an overly large "namelen" value can be exploited to terminate the server. The vulnerabilities are confirmed in version 2.9.21a. Other versions may also be affected. Note: Vulnerability #1 does not affect versions prior to 2.9.21. SOLUTION: Vulnerability #1 is fixed in the GIT repository. Use a firewall to restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Alex Bligh ORIGINAL ADVISORY: http://sourceforge.net/mailarchive/message.php?msg_id=27511272 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 11:30:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 20:30:52 +0200 Subject: [SEC] [SA44515] Nagios XI "reset_config_perms" Privilege Escalation Security Issue Message-ID: <201105181830.p4IIUqTo018041@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Nagios XI "reset_config_perms" Privilege Escalation Security Issue SECUNIA ADVISORY ID: SA44515 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44515/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44515 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44515/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44515/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44515 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been discovered in Nagios XI, which can be exploited by malicious, local users to gain escalated privileges. The security issue is caused due to the "/usr/local/nagiosxi/scripts/reset_config_perms" setuid binary incorrectly running the "chmod" command, which can be exploited to gain escalated privileges e.g. by setting the PATH environment variable to a directory containing a malicious binary and running the program. The vulnerability is confirmed in version 2011R1.2. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: RootBSD ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0308.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 12:30:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 21:30:41 +0200 Subject: [SEC] [SA44627] WordPress is_human() Plugin "type" Code Injection Vulnerability Message-ID: <201105181930.p4IJUf5J008515@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: WordPress is_human() Plugin "type" Code Injection Vulnerability SECUNIA ADVISORY ID: SA44627 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44627/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44627 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44627/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44627/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44627 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: neworder has discovered a vulnerability in the is_human() plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "type" parameter in engine.php (when e.g. "action" is set to "log-reset") is not properly verified before being used in an "eval()" function and can be exploited to inject and execute arbitrary PHP code. The vulnerability is confirmed in version 1.4.2. Other versions may also be affected. SOLUTION: Use a different product. PROVIDED AND/OR DISCOVERED BY: neworder ORIGINAL ADVISORY: Exploit-DB: http://www.exploit-db.com/exploits/17299/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 13:30:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 22:30:54 +0200 Subject: [SEC] [SA44599] FreeMarker Template Name Directory Traversal Vulnerability Message-ID: <201105182030.p4IKUsvU031389@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: FreeMarker Template Name Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44599 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44599/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44599 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44599/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44599/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44599 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in FreeMarker, which can be exploited by malicious users to disclose sensitive information. The vulnerability is caused due to an input sanitisation error while parsing template names, which can be exploited to load arbitrary files from local resources via directory traversal attacks via path names that contain a "\u0000" code point. Successful exploitation requires permissions to upload templates and that linking is allowed when FileTemplateLoader is used. The vulnerability is reported in versions prior to 2.3.17. SOLUTION: Update to version 2.3.17. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://freemarker.org/docs/versions_2_3_17.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 14:24:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 23:24:42 +0200 Subject: [SEC] [SA44144] MDaemon WorldClient Email Subject Script Insertion Vulnerability Message-ID: <201105182124.p4ILOggY021595@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: MDaemon WorldClient Email Subject Script Insertion Vulnerability SECUNIA ADVISORY ID: SA44144 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44144/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44144 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44144/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44144/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44144 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Dejan Levaja has discovered a vulnerability in MDaemon, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the email subject is not properly sanitised before being used in the WorldClient Summary page. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is confirmed in version 12.0.2. Other versions may also be affected. SOLUTION: Update to version 12.0.3. PROVIDED AND/OR DISCOVERED BY: Dejan Levaja via Secunia ORIGINAL ADVISORY: MDaemon (7255): http://files.altn.com/MDaemon/Release/relnotes_en.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 14:46:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 18 May 2011 23:46:50 +0200 Subject: [SEC] [SA44618] Fedora update for exim Message-ID: <201105182146.p4ILkode010371@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for exim SECUNIA ADVISORY ID: SA44618 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44618/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44618 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44618/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44618/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44618 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for exim. This fixes two vulnerabilities, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA44467 SOLUTION: Apply updated packages via the yum utility ("yum update exim"). ORIGINAL ADVISORY: FEDORA-2011-7047: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060220.html FEDORA-2011-7059: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060227.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 15:10:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 00:10:32 +0200 Subject: [SEC] [SA44614] Perl libwww-perl Module Common Name Verification Security Issue Message-ID: <201105182210.p4IMAWoA031614@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Perl libwww-perl Module Common Name Verification Security Issue SECUNIA ADVISORY ID: SA44614 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44614/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44614 RELEASE DATE: 2011-05-18 DISCUSS ADVISORY: http://secunia.com/advisories/44614/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44614/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44614 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the libwww-perl module for Perl, which can be exploited by malicious people to conduct spoofing attacks. The security issue is caused due the module not properly verifying the "Common Name" field of an SSL certificate against the hostname of the server when the "If-SSL-Cert-Subject" header is not set. This can be exploited to e.g. conduct Man-in-the-Middle (MitM) attacks. SOLUTION: Upgrade to version 6.00 or later. PROVIDED AND/OR DISCOVERED BY: aaron ORIGINAL ADVISORY: libwww-perl: http://cpansearch.perl.org/src/GAAS/libwww-perl-6.00/Changes aaron: http://vttynotes.blogspot.com/2010/12/man-in-middle-fun-with-perl-lwp.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 15:25:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 00:25:14 +0200 Subject: [SEC] [SA44594] TWiki "origurl" Cross-Site Scripting Vulnerability Message-ID: <201105182225.p4IMPEdF020049@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: TWiki "origurl" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44594 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44594/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44594 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44594/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44594/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44594 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Mesut Timur has reported a vulnerability in TWiki, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "origurl" parameter to bin/login/Sandbox/WebHome is not properly sanitised in lib/TWiki/LoginManager/TemplateLogin.pm before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 5.0.2. SOLUTION: Update to version 5.0.2. PROVIDED AND/OR DISCOVERED BY: Mesut Timur, Mavituna Security. ORIGINAL ADVISORY: TWiki: http://twiki.org/cgi-bin/view/Codev/SecurityAlert-CVE-2011-1838 Mavituna Security (NS-11-005): http://www.mavitunasecurity.com/XSS-vulnerability-in-Twiki/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 15:45:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 00:45:57 +0200 Subject: [SEC] [SA44623] Fedora update for postfix Message-ID: <201105182245.p4IMjv89008759@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for postfix SECUNIA ADVISORY ID: SA44623 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44623/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44623 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44623/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44623/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44623 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for postfix. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. For more information: SA44500 SOLUTION: Apply updated packages via the yum utility ("yum update postfix"). ORIGINAL ADVISORY: FEDORA-2011-6771: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060216.html FEDORA-2011-6777: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060215.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 16:12:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 01:12:20 +0200 Subject: [SEC] [SA44616] Fedora update for vino Message-ID: <201105182312.p4INCK6q030130@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for vino SECUNIA ADVISORY ID: SA44616 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44616/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44616 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44616/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44616/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44616 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for vino. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA44463 SOLUTION: Apply updated packages via the yum utility ("yum update vino"). ORIGINAL ADVISORY: FEDORA-2011-6773: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060225.html FEDORA-2011-6778: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060233.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 16:45:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 01:45:47 +0200 Subject: [SEC] [SA44612] Apache Tomcat "@ServletSecurity" Annotation Security Bypass Message-ID: <201105182345.p4INjlLt019400@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Apache Tomcat "@ServletSecurity" Annotation Security Bypass SECUNIA ADVISORY ID: SA44612 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44612/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44612 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44612/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44612/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44612 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Apache Tomcat, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to an error in enforcing the "@ServletSecurity" annotations when loading servlets. This can be exploited to e.g. bypass the security constraints specified via the annotations and disclose certain information when the servlet is loaded for the first time. The security issue is reported in versions 7.0.12 through 7.0.13. SOLUTION: Update to version 7.0.14. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://tomcat.apache.org/security-7.html#Fixed_in_Apache_Tomcat_7.0.14_%28released_12_May_2011%29 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 18 17:13:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 02:13:46 +0200 Subject: [SEC] [SA44611] Opera Frameset Handling Memory Corruption Vulnerability Message-ID: <201105190013.p4J0Dka2008454@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Opera Frameset Handling Memory Corruption Vulnerability SECUNIA ADVISORY ID: SA44611 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44611/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44611 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44611/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44611/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44611 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Opera, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when handling certain frameset constructs during page unloading and can be exploited to corrupt memory via a specially crafted web page. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 11.11. SOLUTION: Update to version 11.11. PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person via SecuriTeam. ORIGINAL ADVISORY: Opera: http://www.opera.com/support/kb/view/992/ http://www.opera.com/docs/changelogs/windows/1111/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 10:31:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 19:31:35 +0200 Subject: [SEC] [SA44648] KVM qemu-kvm PIIX4 Hotplug Vulnerability Message-ID: <201105191731.p4JHVZpS006458@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: KVM qemu-kvm PIIX4 Hotplug Vulnerability SECUNIA ADVISORY ID: SA44648 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44648/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44648 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44648/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44648/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44648 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in KVM qemu-kvm, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges. The vulnerability is caused due to the PIIX4 emulation allowing to unplug non-hotpluggable PCI devices. For more information: SA44458 SOLUTION: Restrict access to trusted users only. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 11:31:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 20:31:54 +0200 Subject: [SEC] [SA44625] Linux Kernel "ip_expire()" Denial of Service Vulnerability Message-ID: <201105191831.p4JIVsGH029353@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Linux Kernel "ip_expire()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44625 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44625/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44625 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44625/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44625/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44625 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "ip_expire()" function in net/ipv4/ip_fragment.c, which can be exploited to cause a crash by e.g. sending fragmented packets to the system. SOLUTION: Update to version 2.6.39. PROVIDED AND/OR DISCOVERED BY: Aristide Fattori and Roberto Paleari ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/bugtraq/2011-05/0123.html http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=64f3b9e203bd06855072e295557dca1485a2ecba OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 12:31:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 21:31:31 +0200 Subject: [SEC] [SA44630] Moodle Multiple Vulnerabilities Message-ID: <201105191931.p4JJVVPx019810@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Moodle Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44630 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44630/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44630 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44630/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44630/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44630 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Moodle, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks. 1) An error exists in the handling of access permissions of a teacher when viewing student reports of a group via the quiz review page. This can be exploited to view otherwise restricted reports of all students. 2) An error exists in user/profile.php when viewing the full profile page, which could lead to a user's email address being displayed to users other than course members. This vulnerability does not affect versions 1.9.x. 3) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This vulnerability does not affect versions 2.0.x. SOLUTION: Update to version 1.9.12 or 2.0.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Claire Browne 2) Petr Skoda 3) Panagiotis Petasis ORIGINAL ADVISORY: MSA-11-0013: http://moodle.org/mod/forum/discuss.php?d=175590 MSA-11-0014: http://moodle.org/mod/forum/discuss.php?d=175591 MSA-11-0015: http://moodle.org/mod/forum/discuss.php?d=175592 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 13:32:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 22:32:18 +0200 Subject: [SEC] [SA44635] Drupal Webform Module Script Insertion Vulnerabilities Message-ID: <201105192032.p4JKWINV010315@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Drupal Webform Module Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA44635 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44635/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44635 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44635/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44635/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44635 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in the Webform module for Drupal, which can be exploited by malicious users and malicious people to conduct script insertion attacks. 1) Input passed via the "name" parameter when submitting a new webform field is not properly sanitised in sites/all/modules/webform/includes/webform.report.inc before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires the "create webform content" or "administer nodes" permission. 2) Input passed via the filename when uploading a file through a webform is not properly sanitised in sites/all/modules/webform/components/file.inc before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in versions 6.x-2.10, 6.x-3.9, and 7.x-3.9. SOLUTION: Update to a patched version. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Justin Klein Keane. ORIGINAL ADVISORY: SA-CONTRIB-2011-021: http://drupal.org/node/1161954 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 14:26:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 23:26:36 +0200 Subject: [SEC] [SA44607] Joomla! jDownloads Component Arbitrary File Upload Vulnerability Message-ID: <201105192126.p4JLQapM000462@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Joomla! jDownloads Component Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA44607 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44607/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44607 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44607/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44607/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44607 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered the jDownloads component for Joomla!, which can be exploited by malicious users to compromise a vulnerable system. The application improperly validates uploaded files, which can be exploited to execute arbitrary PHP code by uploading a PHP file with e.g. an appended ".gif" file extension. Successful exploitation requires "Manager" permissions in the backend and that Apache is not configured to handle the mime-type for media files with e.g. a ".jpg" or ".gif" extension. The vulnerability is confirmed in version 1.8.1. Other versions may also be affected. SOLUTION: Restrict access to the jdownloads directory (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: Al-Ghamdi OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 14:46:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 19 May 2011 23:46:50 +0200 Subject: [SEC] [SA44604] IBM Virtualization Manager extension for IBM Director Unspecified Vulnerability Message-ID: <201105192146.p4JLkomg021619@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: IBM Virtualization Manager extension for IBM Director Unspecified Vulnerability SECUNIA ADVISORY ID: SA44604 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44604/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44604 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44604/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44604/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44604 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the IBM Virtualization Manager for IBM Director, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in version 1.2.2. SOLUTION: Uninstall the product or upgrade to Director 6.x with VMControl. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM: http://www-01.ibm.com/support/docview.wss?uid=nas7057acf6c8f05fa568625787e0059fb36 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 15:11:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 00:11:46 +0200 Subject: [SEC] [SA44458] Qemu PIIX4 Hotplug Vulnerability Message-ID: <201105192211.p4JMBkSd010531@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Qemu PIIX4 Hotplug Vulnerability SECUNIA ADVISORY ID: SA44458 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44458/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44458 RELEASE DATE: 2011-05-19 DISCUSS ADVISORY: http://secunia.com/advisories/44458/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44458/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44458 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Qemu, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges. The vulnerability is caused due to the PIIX4 emulation allowing to unplug non-hotpluggable PCI devices, which can be exploited to dereference invalid memory and e.g. execute arbitrary code. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Nelson Elhage ORIGINAL ADVISORY: http://lists.nongnu.org/archive/html/qemu-devel/2011-05/msg01810.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 15:47:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 00:47:14 +0200 Subject: [SEC] [SA44491] IBM OS/400 HTTP Server "apr_fnmatch()" Denial of Service Vulnerability Message-ID: <201105192247.p4JMlEOq032294@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: IBM OS/400 HTTP Server "apr_fnmatch()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44491 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44491/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44491 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44491/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44491/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44491 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a vulnerability in OS/400, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44574 SOLUTION: Apply APAR SE48097. ORIGINAL ADVISORY: IBM (SE48097): http://www-01.ibm.com/support/docview.wss?uid=nas2be723d486f51dd5386257895003ca15c OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 16:11:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 01:11:59 +0200 Subject: [SEC] [SA44634] Radvision iVIEW SCOPIA Management Suite SQL Injection Vulnerability Message-ID: <201105192311.p4JNBxKm021197@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Radvision iVIEW SCOPIA Management Suite SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44634 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44634/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44634 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44634/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44634/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44634 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Radvision iVIEW SCOPIA Management Suite, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 7.5. SOLUTION: Update Radvision iVIEW SCOPIA Management Suite and SCOPIA Desktop to version 7.5 or later. PROVIDED AND/OR DISCOVERED BY: JVN credits Hirofumi Oka, NRI Secure Technologies. ORIGINAL ADVISORY: http://jvn.jp/en/jp/JVN77697803/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000030.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 16:46:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 01:46:46 +0200 Subject: [SEC] [SA44646] CiscoWorks Common Services "file" Directory Traversal Vulnerability Message-ID: <201105192346.p4JNkkoL010541@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: CiscoWorks Common Services "file" Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44646 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44646/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44646 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44646/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44646/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44646 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CiscoWorks Common Services, which can be exploited by malicious people to disclose sensitive information. Input passed via the "file" parameter to cwhp/auditLog.do in the Homepage Auditing component is not properly verified before being used to read files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. The vulnerability is reported in versions 3.3 and prior. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Sense of Security Labs ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=23089 Sense of Security Labs: http://www.senseofsecurity.com.au/advisories/SOS-11-006 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 17:14:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 02:14:44 +0200 Subject: [SEC] [SA44547] klibc DHCP Response Processing Input Sanitation Vulnerability Message-ID: <201105200014.p4K0EiG2031972@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: klibc DHCP Response Processing Input Sanitation Vulnerability SECUNIA ADVISORY ID: SA44547 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44547/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44547 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44547/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44547/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44547 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in klibc, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to certain shell meta-characters not being stripped or escaped when processing responses from a DHCP server. This can be exploited to inject arbitrary shell commands via specially crafted DHCP response. The vulnerability is reported in versions prior to 1.5.22. SOLUTION: Update to version 1.5.22. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.zytor.com/pipermail/klibc/2011-May/002907.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 17:47:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 02:47:03 +0200 Subject: [SEC] [SA44563] XtreamerPRO File Disclosure and Arbitrary File Upload Vulnerabilities Message-ID: <201105200047.p4K0l35s021206@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: XtreamerPRO File Disclosure and Arbitrary File Upload Vulnerabilities SECUNIA ADVISORY ID: SA44563 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44563/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44563 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44563/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44563/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44563 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Itzik Chen has reported two vulnerabilities in XtreamerPRO, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system. 1) Input passed to the "dir" and "file" parameters in download.php is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks. 2) The vulnerability is caused due to the upload_file.php script improperly verifying uploaded files. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script. The vulnerabilities are reported in versions 2.6.0 and 2.7.0. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only using a firewall or filter malicious requests using a proxy. PROVIDED AND/OR DISCOVERED BY: Itzik Chen OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 18:11:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 03:11:32 +0200 Subject: [SEC] [SA44512] libmspack LZX Decoder and CHM Reader Vulnerabilities Message-ID: <201105200111.p4K1BW8C010083@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: libmspack LZX Decoder and CHM Reader Vulnerabilities SECUNIA ADVISORY ID: SA44512 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44512/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44512 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44512/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44512/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44512 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities with unknown impacts have been reported in libmspack. The vulnerabilities are caused due to unspecified errors within the LZX decoder and CHM reader. No further information is currently available. The vulnerabilities are reported in versions prior to 0.3. SOLUTION: Update to version 0.3. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://freshmeat.net/projects/libmspack/releases/331901 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 18:47:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 03:47:28 +0200 Subject: [SEC] [SA44639] TIBCO iProcess Suite Cross-Site Scripting and Session Fixation Vulnerabilities Message-ID: <201105200147.p4K1lShn031887@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: TIBCO iProcess Suite Cross-Site Scripting and Session Fixation Vulnerabilities SECUNIA ADVISORY ID: SA44639 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44639/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44639 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44639/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44639/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44639 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in TIBCO iProcess Suite, which can be exploited by malicious people to conduct cross-site scripting and session fixation attacks. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An error in the handling of sessions can be exploited to hijack another user's session by tricking the user into logging in after following a specially crafted link. The vulnerabilities are reported in the following products: * TIBCO iProcess Engine versions prior to 11.1.3. * TIBCO iProcess Workspace (Browser) versions prior to 11.3.1. SOLUTION: Update to a patched version. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.tibco.com/multimedia/iprocess_advisory_20110518_tcm8-13710.txt http://www.tibco.com/services/support/advisories/iprocess-advisory_20110518.jsp OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 19:15:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 04:15:54 +0200 Subject: [SEC] [SA44640] Intel Ethernet 10 Gigabit Ethernet Controllers Denial of Service Vulnerability Message-ID: <201105200215.p4K2Fs3I021420@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Intel Ethernet 10 Gigabit Ethernet Controllers Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44640 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44640/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44640 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44640/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44640/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44640 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Intel Ethernet 10 Gigabit Ethernet Controllers, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in the following products: * Intel 82598 10 Gigabit Ethernet Controller * Intel 82599 10 Gigabit Ethernet Controller SOLUTION: Update to a patched version. Please see the vendor's advisory for more information. PROVIDED AND/OR DISCOVERED BY: The vendor credits a business partner. ORIGINAL ADVISORY: Intel (INTEL-SA-00028): http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00028&languageid=en-fr OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 19:48:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 04:48:03 +0200 Subject: [SEC] [SA44610] Room Juice "filename" Cross-Site Scripting Vulnerability Message-ID: <201105200248.p4K2m3Bj010649@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Room Juice "filename" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44610 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44610/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44610 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44610/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44610/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44610 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in Room Juice, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "filename" parameter in display.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 0.3.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/Room-Juice-0.3.3-Reflected-Cross-site-Scripting-219 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 20:12:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 05:12:29 +0200 Subject: [SEC] [SA44615] Zend Framework PDO_MySql Character Set Weakness Message-ID: <201105200312.p4K3CTc2031932@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Zend Framework PDO_MySql Character Set Weakness SECUNIA ADVISORY ID: SA44615 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44615/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44615 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44615/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44615/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44615 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Zend Framework, which can be exploited by malicious people to bypass certain security features. The weakness is caused due to the framework not correctly propagating the character set used by the database to underlying components, which can be exploited to bypass the filtering mechanism and e.g. conduct SQL injection attacks. Note: This does not affect configurations using ASCII-compatible encodings (e.g. UTF8 or latin1). The weakness is reported in versions prior to 1.10.9 and 1.11.6. SOLUTION: Update to version 1.10.9 or 1.11.6 and PHP version 5.3.6 or higher. PROVIDED AND/OR DISCOVERED BY: The vendor credits Anthony Ferrara. ORIGINAL ADVISORY: http://framework.zend.com/security/advisory/ZF2011-02 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 20:47:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 05:47:35 +0200 Subject: [SEC] [SA44597] Cisco Unified Operations Manager Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201105200347.p4K3lZ6u021274@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Cisco Unified Operations Manager Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA44597 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44597/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44597 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44597/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44597/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44597 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Cisco Unified Operations Manager, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "CCMs" parameter to iptm/PRTestCreation.do and the "ccm" parameter to iptm/TelePresenceReportAction.do is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via various parameters to multiple scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Examples: http://[host]/iptm/advancedfind.do?extn=[code] http://[host]/iptm/ddv.do?deviceCapability=deviceCap&deviceInstanceName=[code] http://[host]/iptm/eventmon?viewname=device.filter&operation=getFilter&cmd=[code] http://[host]/iptm/eventmon?cmd=getDeviceData&group=[code] http://[host]/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?clusterName=[code] http://[host]/iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp?deviceName=[code] http://[host]/iptm/logicalTopo.do?ccmName=[code] http://[host]/iptm/logicalTopo.do?clusterName=[code] 3) Input passed via the "tag" parameter to CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine in Common Services Device Center is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions 8.0 and 8.5. Other versions may also be affected. SOLUTION: Updated to version 8.6. PROVIDED AND/OR DISCOVERED BY: Sense of Security Labs ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=23085 http://tools.cisco.com/security/center/viewAlert.x?alertId=23086 http://tools.cisco.com/security/center/viewAlert.x?alertId=23087 Sense of Security Labs: http://www.senseofsecurity.com.au/advisories/SOS-11-006 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 19 21:12:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 06:12:06 +0200 Subject: [SEC] [SA44645] CiscoWorks Common Services "device" Cross-Site Scripting Vulnerability Message-ID: <201105200412.p4K4C6dK010161@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: CiscoWorks Common Services "device" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44645 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44645/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44645 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44645/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44645/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44645 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in CiscoWorks Common Services, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "device" parameter to cwhp/device.center.do in the Framework Help servlet is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. The vulnerability is reported in versions 3.3 and prior. SOLUTION: Update to a fixed version. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: Sense of Security Labs ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=23088 Sense of Security Labs: http://www.senseofsecurity.com.au/advisories/SOS-11-006 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 10:32:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 19:32:24 +0200 Subject: [SEC] [SA44602] Ultimate PHP Board File Deletion Security Bypass Vulnerability Message-ID: <201105201732.p4KHWOtt001458@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Ultimate PHP Board File Deletion Security Bypass Vulnerability SECUNIA ADVISORY ID: SA44602 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44602/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44602 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44602/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44602/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44602 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gi beom Hong has discovered a vulnerability in Ultimate PHP Board, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to ajax.php not properly verifying permissions before deleting a file attachment and can be exploited via a specially crafted POST request. The vulnerability is confirmed in version 2.2.7. Other versions may also be affected. SOLUTION: Restrict access to the ajax.php script (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: Gi beom Hong, i2Sec. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 11:31:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 20:31:50 +0200 Subject: [SEC] [SA44651] Red Hat update for kernel Message-ID: <201105201831.p4KIVoYG024372@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA44651 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44651/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44651 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44651/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44651/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44651 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose system information and cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service). For more information: SA39080 SA42128 SA43009 SA43594 SA43806 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0542-1: https://rhn.redhat.com/errata/RHSA-2011-0542.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 12:31:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 21:31:53 +0200 Subject: [SEC] [SA44631] SUSE update for kernel Message-ID: <201105201931.p4KJVrAO014844@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA44631 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44631/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44631 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44631/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44631/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44631 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially gain escalated privileges, by malicious people with physical access to potentially compromise a vulnerable system, and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA39080 SA41493 SA43009 SA43576 SA43716 SA43806 SA43841 SA43846 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0512-1: https://hermes.opensuse.org/messages/8512828 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 13:31:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 22:31:48 +0200 Subject: [SEC] [SA44642] Red Hat update for dovecot Message-ID: <201105202031.p4KKVmIk005301@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for dovecot SECUNIA ADVISORY ID: SA44642 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44642/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44642 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44642/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44642/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44642 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for dovecot. This fixes two vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service). For more information: SA41723 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0600-1: https://rhn.redhat.com/errata/RHSA-2011-0600.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 14:26:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 23:26:13 +0200 Subject: [SEC] [SA44653] Red Hat update for tomcat6 Message-ID: <201105202126.p4KLQDuj027935@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for tomcat6 SECUNIA ADVISORY ID: SA44653 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44653/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44653 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44653/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44653/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44653 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for tomcat6. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks. For more information: SA43198 SA42337 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0791-01: https://rhn.redhat.com/errata/RHSA-2011-0791.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 14:46:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 20 May 2011 23:46:33 +0200 Subject: [SEC] [SA44660] SUSE update for kvm Message-ID: <201105202146.p4KLkXd3016617@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for kvm SECUNIA ADVISORY ID: SA44660 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44660/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44660 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44660/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44660/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44660 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for kvm. This fixes some vulnerabilities, which can be exploited by malicious, local users in a guest system to cause a DoS (Denial of Service) and gain escalated privileges. For more information: SA44132 SA44648 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0510-1: https://hermes.opensuse.org/messages/8511476 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 15:11:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 00:11:40 +0200 Subject: [SEC] [SA44649] Red Hat update for perl Message-ID: <201105202211.p4KMBeb2005504@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for perl SECUNIA ADVISORY ID: SA44649 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44649/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44649 RELEASE DATE: 2011-05-20 DISCUSS ADVISORY: http://secunia.com/advisories/44649/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44649/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44649 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for perl. This fixes a weakness and a vulnerability, which can be exploited by malicious people to bypass certain security features and conduct HTTP response splitting attacks. For more information: SA42443 SA42461 SA43921 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0558-1: https://rhn.redhat.com/errata/RHSA-2011-0558.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 15:46:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 00:46:25 +0200 Subject: [SEC] [SA44652] Red Hat update for pidgin Message-ID: <201105202246.p4KMkPn7027258@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for pidgin SECUNIA ADVISORY ID: SA44652 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44652/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44652 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44652/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44652/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44652 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for pidgin. This fixes a weakness, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43695 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0616-01: https://rhn.redhat.com/errata/RHSA-2011-0616.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 16:12:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 01:12:09 +0200 Subject: [SEC] [SA44654] Red Hat update for sudo Message-ID: <201105202312.p4KNC90R016197@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for sudo SECUNIA ADVISORY ID: SA44654 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44654/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44654 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44654/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44654/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44654 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for sudo. This fixes a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA42886 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0599-01: https://rhn.redhat.com/errata/RHSA-2011-0599.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 16:46:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 01:46:47 +0200 Subject: [SEC] [SA44655] Red Hat update for sssd Message-ID: <201105202346.p4KNklgk005521@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for sssd SECUNIA ADVISORY ID: SA44655 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44655/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44655 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44655/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44655/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44655 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for sssd. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA43053 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0560-01: https://rhn.redhat.com/errata/RHSA-2011-0560.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 17:14:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 02:14:33 +0200 Subject: [SEC] [SA44658] Red Hat update for qemu-kvm Message-ID: <201105210014.p4L0EX4s026965@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for qemu-kvm SECUNIA ADVISORY ID: SA44658 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44658/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44658 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44658/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44658/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44658 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for qemu-kvm. This fixes some vulnerabilities, which can be exploited by malicious, local users in a guest system to cause a DoS (Denial of Service) and gain escalated privileges. For more information: SA44132 SA44648 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0534-1: https://rhn.redhat.com/errata/RHSA-2011-0534.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 17:46:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 02:46:56 +0200 Subject: [SEC] [SA44657] Red Hat update for openssl Message-ID: <201105210046.p4L0kuva016197@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for openssl SECUNIA ADVISORY ID: SA44657 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44657/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44657 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44657/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44657/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44657 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). For more information: SA43227 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0677-1: https://rhn.redhat.com/errata/RHSA-2011-0677.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 18:11:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 03:11:37 +0200 Subject: [SEC] [SA44656] Red Hat update for python Message-ID: <201105210111.p4L1BbOK005069@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for python SECUNIA ADVISORY ID: SA44656 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44656/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44656 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44656/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44656/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44656 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for python. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service). For more information: SA41968 SA43463 SA43831 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0554-1: https://rhn.redhat.com/errata/RHSA-2011-0554.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 18:47:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 03:47:08 +0200 Subject: [SEC] [SA44643] Red Hat update for eclipse Message-ID: <201105210147.p4L1l8nG026853@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for eclipse SECUNIA ADVISORY ID: SA44643 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44643/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44643 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44643/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44643/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44643 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for eclipse. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA42236 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0568-1: https://rhn.redhat.com/errata/RHSA-2011-0568.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 19:17:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 04:17:39 +0200 Subject: [SEC] [SA44582] Debian update for vino Message-ID: <201105210217.p4L2HdgM016464@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Debian update for vino SECUNIA ADVISORY ID: SA44582 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44582/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44582 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44582/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44582/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44582 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for vino. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA44463 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2238-1: http://www.debian.org/security/2011/dsa-2238 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 19:46:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 04:46:51 +0200 Subject: [SEC] [SA44650] Red Hat update for squid Message-ID: <201105210246.p4L2kp2I005527@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for squid SECUNIA ADVISORY ID: SA44650 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44650/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44650 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44650/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44650/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44650 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for squid. This fixes a vulnerability, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA41298 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0545-1: https://rhn.redhat.com/errata/RHSA-2011-0545.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 20:11:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 05:11:32 +0200 Subject: [SEC] [SA44659] Red Hat update for libguestfs Message-ID: <201105210311.p4L3BWVF026835@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Red Hat update for libguestfs SECUNIA ADVISORY ID: SA44659 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44659/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44659 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44659/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44659/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44659 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for libguestfs. This fixes a weakness, which can be exploited by malicious, local users in a guest virtual machine to gain access to potentially sensitive information. For more information: SA41797 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: RHSA-2011:0586-1: https://rhn.redhat.com/errata/RHSA-2011-0586.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 20:46:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 05:46:26 +0200 Subject: [SEC] [SA44571] Mitel Audio and Web Conferencing Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201105210346.p4L3kQAv016175@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Mitel Audio and Web Conferencing Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44571 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44571/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44571 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44571/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44571/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44571 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Mitel Audio and Web Conferencing, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "SID" parameter to wd/wdinvite.asp, the "uid" and "sid" parameters to wd/connect.asp, and the "type" parameter to wd/applets/Error.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. The vulnerabilities are reported in version 4.4.3.0. Other versions may also be affected. SOLUTION: Reportedly, the vendor has issued a fix. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: Richard Brain, ProCheckUp. ORIGINAL ADVISORY: ProCheckUp: http://www.procheckup.com/vulnerability_manager/vulnerabilities/pr10-15 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 21:12:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 06:12:49 +0200 Subject: [SEC] [SA44558] Apache APR "apr_fnmatch()" Infinite Loop Denial of Service Vulnerability Message-ID: <201105210412.p4L4CnRm005129@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Apache APR "apr_fnmatch()" Infinite Loop Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44558 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44558/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44558 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44558/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44558/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44558 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache APR, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the "apr_fnmatch()" function when processing certain patterns, which can be exploited to trigger an infinite loop and cause high CPU consumption. The vulnerability is reported in version 1.4.4. SOLUTION: Fixed in the SVN repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by Tanguy Ortolo in a Debian bug report. ORIGINAL ADVISORY: Apache: http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/%3C4DD55092.3030403 at apache.org%3E https://issues.apache.org/bugzilla/show_bug.cgi?id=51219 Debian bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 20 21:46:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 21 May 2011 06:46:47 +0200 Subject: [SEC] [SA44661] Apache HTTP Server APR "apr_fnmatch()" Infinite Loop Denial of Service Vulnerability Message-ID: <201105210446.p4L4klI9026844@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Apache HTTP Server APR "apr_fnmatch()" Infinite Loop Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44661 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44661/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44661 RELEASE DATE: 2011-05-21 DISCUSS ADVISORY: http://secunia.com/advisories/44661/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44661/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44661 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apache HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44558 Successful exploitation requires that "mod_autoindex" is enabled. The vulnerability is reported in version 2.2.18. SOLUTION: Fixed in the SVN repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Reported by Tanguy Ortolo in a Debian bug. ORIGINAL ADVISORY: Apache: http://mail-archives.apache.org/mod_mbox/httpd-announce/201105.mbox/%3C4DD55092.3030403 at apache.org%3E https://issues.apache.org/bugzilla/show_bug.cgi?id=51219 Debian bug: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=627182 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 12:31:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 May 2011 21:31:52 +0200 Subject: [SEC] [SA44671] phpScheduleIt Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201105241931.p4OJVq6A004514@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: phpScheduleIt Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44671 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44671/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44671 RELEASE DATE: 2011-05-24 DISCUSS ADVISORY: http://secunia.com/advisories/44671/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44671/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44671 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in phpScheduleIt, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the URL to forgot_pwd.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the URL to index.php or register.php is not properly sanitised in templates/auth.template.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the URL to roschedule.php is not properly sanitised in templates/schedule.template.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Input passed via the "scheduleid" parameter to popCalendar.php is not properly sanitised in lib/Calendar.class.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 1.2.12. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB22987: http://www.htbridge.ch/advisory/multiple_xss_in_phpscheduleit.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 13:33:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 May 2011 22:33:20 +0200 Subject: [SEC] [SA44523] Zeacom Chat Server "JSESSIONID" Brute Force Weakness Message-ID: <201105242033.p4OKXKlh027477@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Zeacom Chat Server "JSESSIONID" Brute Force Weakness SECUNIA ADVISORY ID: SA44523 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44523/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44523 RELEASE DATE: 2011-05-24 DISCUSS ADVISORY: http://secunia.com/advisories/44523/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44523/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44523 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Zeacom Chat Server, which can be exploited by malicious people to conduct brute force attacks. The weakness is caused due to session IDs being generated insecurely, which can be exploited to brute force valid session IDs. The weakness is reported in versions prior to 5.0 SP4. SOLUTION: Reportedly, the vendor has issued a fix. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: Daniel Clemens, Packetninjas. ORIGINAL ADVISORY: http://www.packetninjas.net/storage/advisories/Zeacom-CVE-2010-0217.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 14:25:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 May 2011 23:25:48 +0200 Subject: [SEC] [SA44526] GeoIP C API Directory Traversal Vulnerabilities Message-ID: <201105242125.p4OLPmPJ017607@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: GeoIP C API Directory Traversal Vulnerabilities SECUNIA ADVISORY ID: SA44526 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44526/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44526 RELEASE DATE: 2011-05-24 DISCUSS ADVISORY: http://secunia.com/advisories/44526/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44526/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44526 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in GeoIP C API, which can be exploited by malicious people to compromise a vulnerable system. 1) The "GeoIP_update_database_general()" function does not correctly sanitise the filename returned from the update server. This can be exploited by e.g. a malicious update server to overwrite arbitrary files with the privileges of the user running the update via directory traversal attacks. Note: This is related to SA23880 and may only affect Windows systems. 2) The "geoipupdate-pureperl.pl" script does not correctly sanitise the filename returned from the update server. This can be exploited by e.g. a malicious update server to overwrite arbitrary files with the privileges of the user running the update via directory traversal attacks. The vulnerabilities are reported in version 1.4.7. Other versions may also be affected. SOLUTION: Manually download and install database updates. PROVIDED AND/OR DISCOVERED BY: Anthon Pang ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/05/20/4 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 14:46:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 24 May 2011 23:46:56 +0200 Subject: [SEC] [SA44700] IBM WebSphere Portal Search Center Cross-Site Scripting Vulnerability Message-ID: <201105242146.p4OLku5g006341@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: IBM WebSphere Portal Search Center Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44700 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44700/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44700 RELEASE DATE: 2011-05-24 DISCUSS ADVISORY: http://secunia.com/advisories/44700/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44700/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44700 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere Portal, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain input passed to the search center is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 7.0.0.1 running in AIX, IBM i, Linux, Solaris, Windows, and z/OS. SOLUTION: Apply combined cumulative fix CF004. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PM37009, PM36644): http://www.ibm.com/support/docview.wss?uid=swg24029452 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 15:11:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 00:11:26 +0200 Subject: [SEC] [SA44668] DH-MLM "affid" and "password" SQL Injection Vulnerabilities Message-ID: <201105242211.p4OMBQmE027622@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: DH-MLM "affid" and "password" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA44668 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44668/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44668 RELEASE DATE: 2011-05-24 DISCUSS ADVISORY: http://secunia.com/advisories/44668/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44668/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44668 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in DH-MLM, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "affid" and "password" parameters to login.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation allows bypassing the authentication mechanism. The vulnerabilities are reported in version 3.6.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Kalashinkov3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 15:47:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 00:47:52 +0200 Subject: [SEC] [SA44692] Joomla Map Locator "cid" SQL Injection Vulnerabilities Message-ID: <201105242247.p4OMlqYD017035@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Joomla Map Locator "cid" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA44692 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44692/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44692 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44692/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44692/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44692 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in the Map Locator component for Joomla, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "cid" parameter to index.php (when "option" is set to "com_maplocator" and "view" is set to "city", "country", "sites", or "state") is not properly sanitised in components/com_maplocator/models/city.php, components/com_maplocator/models/country.php, components/com_maplocator/models/sites.php, and components/com_maplocator/models/state.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Fl0riX OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 16:14:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 01:14:35 +0200 Subject: [SEC] [SA44669] My Little Forum Cross-Site Request Forgery Vulnerability Message-ID: <201105242314.p4ONEZ0V006027@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: My Little Forum Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44669 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44669/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44669 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44669/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44669/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44669 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in My Little Forum, which can be exploited by malicious people to conduct cross-site request forgery attacks. The vulnerability is caused due to My Little Forum allowing users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. create a new user when a logged-in administrator visits a specially crafted web page. The vulnerability has been confirmed in version 2.2.8. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: ^Xecuti0N3r ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/101633/mylittleforum-xsrf.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 16:51:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 01:51:32 +0200 Subject: [SEC] [SA44062] Avaya WinPDM Multiple Buffer Overflow Vulnerabilities Message-ID: <201105242351.p4ONpWq9027862@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Avaya WinPDM Multiple Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA44062 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44062/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44062 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44062/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44062/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44062 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Abdul-Aziz Hariri has discovered multiple vulnerabilities in Avaya WinPDM, which can be exploited by malicious people to compromise a vulnerable system. 1) A boundary error in the Unite Host Router service (UniteHostRouter.exe) when processing certain requests can be exploited to cause a stack-based buffer overflow via an overly long string in the "To:" field sent to UDP port 3217. 2) A boundary error in UspCsi.exe when processing certain requests can be exploited to cause a heap-based buffer overflow via a specially crafted overly long string sent to UDP port 10136. Successful exploitation of these vulnerabilities allows execution of arbitrary code. 3) A boundary error in CuspSerialCsi.exe when processing certain requests can be exploited to cause a heap-based buffer overflow via a specially crafted overly long string sent to UDP port 10158. 4) A boundary error in MwpCsi.exe when processing certain requests can be exploited to cause a heap-based buffer overflow via a specially crafted overly long string sent to UDP port 10137. 5) A boundary error in PMServer.exe when processing certain requests can be exploited to cause a heap-based buffer overflow via a specially crafted overly long string sent to UDP port 10138. Successful exploitation of vulnerabilities #3 through #5 may allow execution of arbitrary code. The vulnerabilities are reported in versions prior to 3.8.5 (confirmed in 3.8.2). SOLUTION: Update to version 3.8.5. PROVIDED AND/OR DISCOVERED BY: Abdul-Aziz Hariri via Secunia ORIGINAL ADVISORY: Avaya (ASA-2011-143): https://support.avaya.com/css/P8/documents/100140122 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 17:15:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 02:15:49 +0200 Subject: [SEC] [SA44636] VisiWave Site Survey File Processing Buffer Overflow Vulnerability Message-ID: <201105250015.p4P0Fn6i016735@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: VisiWave Site Survey File Processing Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44636 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44636/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44636 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44636/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44636/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44636 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in VisiWave Site Survey, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error when processing report files (".vwr") and can be exploited to cause a stack-based buffer overflow via a specially crafted file. Successful exploitation allows execution of arbitrary code, but requires tricking a user into opening a malicious report file. The vulnerability is reported in versions prior to 2.1.9. SOLUTION: Update to version 2.1.9. PROVIDED AND/OR DISCOVERED BY: mr_me ORIGINAL ADVISORY: VisiWave: http://www.visiwave.com/blog/index.php?/archives/4-Version-2.1.9-Released.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 17:47:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 02:47:24 +0200 Subject: [SEC] [SA44638] Ruby BigDecimal Integer Truncation Vulnerability Message-ID: <201105250047.p4P0lOJT005937@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Ruby BigDecimal Integer Truncation Vulnerability SECUNIA ADVISORY ID: SA44638 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44638/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44638 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44638/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44638/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44638 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Ruby, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to an integer truncation vulnerability within the "VpMemAlloc()" function in ext/bigdecimal/bigdecimal.c, which can be exploited to e.g. cause a memory corruption. Note: This only affects 64bit systems. The vulnerability is reported in versions 1.8.7 p334 and 1.9.2 p180. Other versions may also be affected. SOLUTION: Fixed in the SVN repository. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Drew Yao, Apple Product Security ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=682332 http://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=30993 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 18:12:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 03:12:52 +0200 Subject: [SEC] [SA44676] Textpattern Cross-Site Request Forgery Vulnerability Message-ID: <201105250112.p4P1Cq2N027262@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Textpattern Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44676 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44676/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44676 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44676/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44676/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44676 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Textpattern, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrator's password by tricking a logged-in administrator into visiting a malicious web site. The vulnerability is confirmed in version 4.4.0. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: ^Xecuti0n3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 18:47:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 03:47:11 +0200 Subject: [SEC] [SA44456] Legacy Family Tree ActiveBar ActiveX Control Vulnerabilities Message-ID: <201105250147.p4P1lBbv016580@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Legacy Family Tree ActiveBar ActiveX Control Vulnerabilities SECUNIA ADVISORY ID: SA44456 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44456/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44456 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44456/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44456/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44456 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been discovered in Legacy Family Tree, which can be exploited by malicious people to compromise a user's system. The application bundles a vulnerable version of the Data Dynamics ActiveBar ActiveX control. For more information: SA26098 SA43474 The vulnerabilities are confirmed in version 7.5.0.77 bundling ActBar.ocx version 1.0.6.5. SOLUTION: Upgrade to version 8.0 when it becomes available (scheduled for December 2011). PROVIDED AND/OR DISCOVERED BY: Originally reported in Data Dynamics ActiveBar ActiveX Control by shinnai and Parvez Anwar. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 24 19:17:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 04:17:58 +0200 Subject: [SEC] [SA44637] TYPO3 phpMyAdmin Extension Redirection and Cross-Site Scripting Vulnerabilities Message-ID: <201105250217.p4P2Hw77006202@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: TYPO3 phpMyAdmin Extension Redirection and Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA44637 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44637/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44637 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44637/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44637/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44637 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and a vulnerability have been reported in the phpMyAdmin extension for TYPO3, which can be exploited by malicious people to conduct spoofing and cross-site scripting attacks. 1) Certain unspecified input is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. 2) Input passed via an arbitrary table name is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This is related to: SA44641 The weakness and the vulnerability are reported in versions 4.10.3 and prior. SOLUTION: Update to version 4.11.0. PROVIDED AND/OR DISCOVERED BY: The vendor credits dave b and Kian Mohageri. ORIGINAL ADVISORY: TYPO3-SA-2011-005: http://typo3.org/teams/security/security-bulletins/typo3-sa-2011-005/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 10:32:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 19:32:38 +0200 Subject: [SEC] [SA44666] Sybase EAServer Directory Traversal Vulnerability Message-ID: <201105251732.p4PHWcCB019928@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Sybase EAServer Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44666 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44666/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44666 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44666/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44666/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44666 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sybase EAServer, which can be exploited by malicious people to disclose sensitive information. Certain unspecified input is not properly verified before being used to read files. This can be exploited to read the contents of arbitrary files via directory traversal attacks. The vulnerability is reported in versions prior to 6.3.1 ESD# 2 and 6.2 ESD# 4. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits iDefense Labs. ORIGINAL ADVISORY: Sybase (CR# 647420): http://www.sybase.com/detail?id=1093216 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 11:31:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 20:31:09 +0200 Subject: [SEC] [SA44624] IBM Lotus Notes File Viewers Multiple Vulnerabilities Message-ID: <201105251831.p4PIV9e8010339@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: IBM Lotus Notes File Viewers Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44624 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44624/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44624 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44624/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44624/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44624 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system. 1) An error within xlssr.dll when parsing a Binary File Format (BIFF) record in an Excel spreadsheet can be exploited to cause a heap-based buffer overflow. 2) An unspecified error within lzhsr.dll when parsing LZH file format can be exploited to cause a buffer overflow. 3) An unspecified error within rtfsr.dll when parsing RTF file format can be exploited to cause a buffer overflow. 4) An unspecified error within mw8sr.dll when parsing certain Microsoft Office Documents can be exploited to cause a buffer overflow. 5) An unspecified error within assr.dll when parsing Applix Spreadsheets can be exploited to cause a buffer overflow. 6) An unspecified error within kpprzrdr.dll when parsing Lotus Notes .prz file format can be exploited to cause a buffer overflow. 7) An unspecified error within kvarcve.dll when parsing Lotus Notes .zip file format can be exploited to cause a buffer overflow. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in versions 8.0 and 8.5. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: 1) Pablo Santamaria, Oren Isacson, and Nadia Rodriguez, Core Security Technologies 2 - 7) The vendor credits iDefense Labs. ORIGINAL ADVISORY: IBM (PRAD8E3HKR, PRAD88MJ2W, PRAD8823JQ, PRAD8823ND, PRAD8823A7, RAD8E3NKZ, PRAD8E3NSP): http://www.ibm.com/support/docview.wss?uid=swg21500034 Core Security: http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 12:31:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 21:31:37 +0200 Subject: [SEC] [SA44686] MidiCMS Website Builder Cross-Site Request Forgery and Security Bypass Message-ID: <201105251931.p4PJVbPc000784@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: MidiCMS Website Builder Cross-Site Request Forgery and Security Bypass SECUNIA ADVISORY ID: SA44686 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44686/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44686 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44686/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44686/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44686 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability and a security issue have been discovered in MidiCMS Website Builder, which can be exploited by malicious people to conduct cross-site request forgery and bypass certain security restrictions. 1) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete pages if a logged-in administrative user visits a malicious web site. 2) The security issue is caused due the application allowing access to the admin/jscripts/tiny_mce/plugins/ezfilemanager/index.php script without verifying credentials. This can be exploited to upload files with certain extensions (e.g. ZIP and HTML). SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. Restrict access to the "admin/jscripts/tiny_mce/plugins/ezfilemanager" directory (e.g. via ".htaccess"). PROVIDED AND/OR DISCOVERED BY: KedAns-Dz OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 13:31:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 22:31:31 +0200 Subject: [SEC] [SA44415] Joomla! JE Story submit Component Unspecified File Inclusion Vulnerability Message-ID: <201105252031.p4PKVVef023713@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Joomla! JE Story submit Component Unspecified File Inclusion Vulnerability SECUNIA ADVISORY ID: SA44415 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44415/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44415 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44415/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44415/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44415 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the JE Story submit component for Joomla!, which can be exploited by malicious people to disclose sensitive information. Certain unspecified input is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks. The vulnerability is reported in versions prior to 1.8. SOLUTION: Update to version 1.8. PROVIDED AND/OR DISCOVERED BY: Reported by the Joomla! VEL team. ORIGINAL ADVISORY: JE Story submit: http://joomlaextensions.co.in/extensions/modules/je-content-menu.html?page=shop.product_details&flypage=flypage.tpl&product_id=77&category_id=13 http://joomlaextensions.co.in/extensions/modules/je-content-menu.html?page=shop.product_details&flypage=flypage.tpl&product_id=78&category_id=13 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 14:26:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 23:26:37 +0200 Subject: [SEC] [SA44685] Ubuntu update for kernel Message-ID: <201105252126.p4PLQbWU013966@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Ubuntu update for kernel SECUNIA ADVISORY ID: SA44685 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44685/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44685 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44685/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44685/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44685 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA42684 SA42765 SA43009 SA43358 SA43569 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1133-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-May/001331.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 14:46:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 25 May 2011 23:46:39 +0200 Subject: [SEC] [SA44672] SUSE update for exim Message-ID: <201105252146.p4PLkdag002624@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for exim SECUNIA ADVISORY ID: SA44672 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44672/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44672 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44672/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44672/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44672 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for exim. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA44467 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0535-1: https://hermes.opensuse.org/messages/8578917 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 15:11:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 00:11:56 +0200 Subject: [SEC] [SA44694] Fedora update for xen Message-ID: <201105252211.p4PMBuwr023989@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for xen SECUNIA ADVISORY ID: SA44694 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44694/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44694 RELEASE DATE: 2011-05-25 DISCUSS ADVISORY: http://secunia.com/advisories/44694/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44694/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44694 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for xen. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and gain escalated privileges. For more information: SA44502 SOLUTION: Apply updated packages via the yum utility ("yum update xen"). ORIGINAL ADVISORY: FEDORA-2011-6914: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060597.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 15:46:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 00:46:10 +0200 Subject: [SEC] [SA44691] ClipBucket "cb_lang" SQL Injection Vulnerability Message-ID: <201105252246.p4PMkAfG013300@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: ClipBucket "cb_lang" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44691 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44691/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44691 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44691/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44691/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44691 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: AutoSec Tools has discovered a vulnerability in ClipBucket, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "cb_lang" cookie to e.g. index.php is not properly sanitised in includes/classes/lang.class.php before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 2.0.91. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: AutoSec Tools ORIGINAL ADVISORY: http://www.autosectools.com/Advisory/Clipbucket-2.4-RC2-645-SQL-Injection-226 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 16:11:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 01:11:33 +0200 Subject: [SEC] [SA44644] Debian update for qemu-kvm Message-ID: <201105252311.p4PNBXCW002194@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Debian update for qemu-kvm SECUNIA ADVISORY ID: SA44644 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44644/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44644 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44644/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44644/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44644 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for qemu-kvm. This fixes a vulnerability, which can be exploited by malicious, local users in a guest virtual machine to gain escalated privileges. For more information: SA44648 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2241-1: http://lists.debian.org/debian-security-announce/2011/msg00110.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 16:46:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 01:46:32 +0200 Subject: [SEC] [SA44679] Ubuntu update for apr Message-ID: <201105252346.p4PNkW9K023995@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Ubuntu update for apr SECUNIA ADVISORY ID: SA44679 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44679/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44679 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44679/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44679/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44679 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for apr. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44490 SA44558 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1134-1: http://www.ubuntu.com/usn/usn-1134-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 17:14:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 02:14:48 +0200 Subject: [SEC] [SA44699] SUSE update for rdesktop Message-ID: <201105260014.p4Q0EmVB013067@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: SUSE update for rdesktop SECUNIA ADVISORY ID: SA44699 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44699/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44699 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44699/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44699/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44699 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA44200 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0528-1: https://hermes.opensuse.org/messages/8572533 openSUSE-SU-2011:0530-1: https://hermes.opensuse.org/messages/8572540 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 17:46:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 02:46:29 +0200 Subject: [SEC] [SA44695] Fedora update for libmodplug Message-ID: <201105260046.p4Q0kToa002221@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Fedora update for libmodplug SECUNIA ADVISORY ID: SA44695 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44695/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44695 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44695/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44695/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44695 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for libmodplug. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA44388 SOLUTION: Apply updated packages via the yum utility ("yum update libmodplug"). ORIGINAL ADVISORY: FEDORA-2011-6931: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060520.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 18:11:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 03:11:16 +0200 Subject: [SEC] [SA44678] Google Chrome Multiple Vulnerabilities Message-ID: <201105260111.p4Q1BG4P023582@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44678 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44678/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44678 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44678/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44678/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44678 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. 1) An unspecified error allows bypassing the pop-up blocker. 2) An error when rendering floats may lead to a stale pointer. 3) An error within the GPU command buffer can be exploited to corrupt memory. 4) An error when handling a blob can be exploited to cause an out-of-bounds write. The vulnerabilities are reported in versions prior to 11.0.696.71. SOLUTION: Update to version 11.0.696.71. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Chamal De Silva 2) Martin Barbella 3) Cris Neckar, Google Chrome Security Team 4) Inferno, Chrome Security Team and Kostya Serebryany, Chromium Development Community ORIGINAL ADVISORY: http://googlechromereleases.blogspot.com/2011/05/stable-channel-update_24.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 18:46:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 03:46:41 +0200 Subject: [SEC] [SA44674] Vordel Gateway Directory Traversal Vulnerability Message-ID: <201105260146.p4Q1kf3J012951@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Vordel Gateway Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA44674 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44674/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44674 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44674/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44674/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44674 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Vordel Gateway, which can be exploited by malicious people to disclose sensitive information. Input passed via the URL to /manager is not properly verified before being used to read files. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. The vulnerability is reported in version 6.0.3. Other versions may also be affected. SOLUTION: Update to version 6.1.0. PROVIDED AND/OR DISCOVERED BY: Brian W. Gary ORIGINAL ADVISORY: https://www.upsploit.com/index.php/advisories/view/UPS-2011-0023 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed May 25 19:16:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 04:16:14 +0200 Subject: [SEC] [SA44683] Dovecot Mail Header Parsing Denial of Service Vulnerability Message-ID: <201105260216.p4Q2GE2F002550@CRON-IX-2.intnet> ---------------------------------------------------------------------- http://twitter.com/secunia http://www.facebook.com/Secunia ---------------------------------------------------------------------- TITLE: Dovecot Mail Header Parsing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44683 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44683/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44683 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44683/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44683/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44683 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Dovecot, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in src/lib-mail/message-header-parser.c when processing mail header names. This can be exploited to cause the daemon to crash via a specially crafted header containing a NUL character. The vulnerability is reported in versions 1.2.16 and 2.0.12. SOLUTION: Update to version 1.2.17 or 2.0.13. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://dovecot.org/pipermail/dovecot/2011-May/059086.html http://dovecot.org/pipermail/dovecot/2011-May/059085.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 10:32:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 19:32:24 +0200 Subject: [SEC] [SA44715] Movable Type Two Vulnerabilities Message-ID: <201105261732.p4QHWO5p025894@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Movable Type Two Vulnerabilities SECUNIA ADVISORY ID: SA44715 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44715/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44715 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44715/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44715/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44715 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Movable Type, which can be exploited by malicious people to disclose potentially sensitive information, conduct cross-site scripting attacks, and manipulate certain data. 1) Certain unspecified input not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An unspecified error exists in the application, which can be exploited to disclose and modify content. No further information is currently available. SOLUTION: Update to fixed version. Please see vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: The vendor credits Alfasado, Eldar Marcussen, and other, unnamed reporters. ORIGINAL ADVISORY: http://www.movabletype.org/documentation/appendices/release-notes/movable-type-505-and-436-release-notes.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 11:32:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 20:32:25 +0200 Subject: [SEC] [SA44704] SUSE update for logrotate Message-ID: <201105261832.p4QIWPEi016383@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for logrotate SECUNIA ADVISORY ID: SA44704 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44704/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44704 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44704/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44704/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44704 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for logrotate. This fixes some security issues, which can be exploited by malicious, local users to disclose potentially sensitive information, cause a DoS (Denial of Service), and potentially gain escalated privileges. For more information: SA42559 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0536-1: https://hermes.opensuse.org/messages/8581105 SUSE-SU-2011:0539-1: https://hermes.opensuse.org/messages/8581546 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 12:33:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 21:33:37 +0200 Subject: [SEC] [SA44706] SUSE update for logrotate Message-ID: <201105261933.p4QJXbtg006922@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for logrotate SECUNIA ADVISORY ID: SA44706 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44706/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44706 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44706/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44706/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44706 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for logrotate. This fixes some security issues, which can be exploited by malicious, local users to disclose potentially sensitive information and cause a DoS (Denial of Service) For more information: SA42559 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0537-1: https://hermes.opensuse.org/messages/8581108 SUSE-SU-2011:0538-1: https://hermes.opensuse.org/messages/8581547 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 13:33:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 22:33:07 +0200 Subject: [SEC] [SA44709] Erlang/OTP SSH Insecure Random Number Generator Security Issue Message-ID: <201105262033.p4QKX7ZG029781@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Erlang/OTP SSH Insecure Random Number Generator Security Issue SECUNIA ADVISORY ID: SA44709 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44709/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44709 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44709/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44709/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44709 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Erlang/OTP, which can be exploited by malicious people to conduct brute force attacks. The security issue is caused due to the SSH library using predictable seeds and a cryptographically insecure random number generator to perform cryptographic operations, which can be exploited to e.g. recover DSA host and SSH session keys. The security issue is reported in versions prior to R14B03. Other versions may also be affected. SOLUTION: Update to version R14B03. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: Geoff Cant ORIGINAL ADVISORY: http://erlang.org/pipermail/erlang-announce/2011-May/000051.html http://www.erlang.org/download/otp_src_R14B03.readme OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 14:26:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 23:26:13 +0200 Subject: [SEC] [SA44682] Debian update for linux-2.6 Message-ID: <201105262126.p4QLQD9V019949@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for linux-2.6 SECUNIA ADVISORY ID: SA44682 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44682/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44682 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44682/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44682/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44682 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for linux-2.6. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), potentially gain escalated privileges, conduct session hijacking attacks, disclose sensitive information, and disclose system information and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA41493 SA42061 SA43009 SA43358 SA43537 SA43576 SA43594 SA43693 SA43806 SA43841 SA43846 SA44164 SA44220 SA44248 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2240-1: http://www.us.debian.org/security/2011/dsa-2240 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 14:48:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 26 May 2011 23:48:02 +0200 Subject: [SEC] [SA44724] Cisco RVS4000 / WRVS4400N Gigabit Security Routers Multiple Vulnerabilities Message-ID: <201105262148.p4QLm2Gb008740@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Cisco RVS4000 / WRVS4400N Gigabit Security Routers Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44724 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44724/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44724 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44724/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44724/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44724 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Cisco RVS4000 and WRVS4400N Gigabit Security Routers, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to disclose sensitive information. 1) The web management interface does not properly restrict access to the backup configuration file, which can be exploited to download the file and disclose sensitive information. 2) Input passed via the "ping" or "traceroute" parameters to the web management interface is not properly sanitised before being used. This can be exploited to inject and execute arbitrary shell commands. 3) An unspecified error in the web management interface can be exploited to retrieve the administrator's private and public keys for SSL certificates. Please see the vendor's advisory for the list of affected products. SOLUTION: Apply updates when available (Scheduled for June 19, 2011). Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Michal Sajdak, Securitum. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20110525-rvs4000.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 15:14:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 00:14:24 +0200 Subject: [SEC] [SA44725] Cisco IOS XR Multiple Vulnerabilities Message-ID: <201105262214.p4QMEOdx030115@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Cisco IOS XR Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44725 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44725/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44725 RELEASE DATE: 2011-05-26 DISCUSS ADVISORY: http://secunia.com/advisories/44725/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44725/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44725 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Cisco IOS XR, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An unspecified error exists when processing IPv4 packets originating from the Cisco Line Card or Cisco CRS MSC and can be exploited to crash the NetIO process. Successful exploitation of this vulnerability requires that an IPv4 address is configured on one of the interfaces of a Cisco Line Card or Cisco CRS MSC. 2) An error in the SSH server when handling an SSHv1 connection does not delete sshd_lock files in the /tmp directory. This can be exploited to consume all available disk space in the /tmp filesystem and cause a crash. 3) An unspecified error when processing IPv4 packets can be exploited to reload the SPA (Shared Port Adapters) Interface Processor. Successful exploitation of this vulnerability requires that an IPv4 address is configured on any of the SPA interface processor interfaces. Please see the vendor's advisory for the list of affected products and versions. SOLUTION: Apply updates. Please see the vendor's advisory for more information. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) The vendor credits a customer. 3) Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20110525-iosxr.shtml http://www.cisco.com/warp/public/707/cisco-sa-20110525-iosxr-ssh.shtml http://www.cisco.com/warp/public/707/cisco-sa-20110525-iosxrspa.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 15:47:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 00:47:21 +0200 Subject: [SEC] [SA44712] SUSE update for dovecot Message-ID: <201105262247.p4QMlLlv019381@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for dovecot SECUNIA ADVISORY ID: SA44712 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44712/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44712 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44712/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44712/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44712 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44683 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0540-1: https://hermes.opensuse.org/messages/8581790 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 16:12:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 01:12:26 +0200 Subject: [SEC] [SA44726] Cisco IOS XR Shared Port Adapters Interface Processor Denial of Service Vulnerability Message-ID: <201105262312.p4QNCQoP008313@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Cisco IOS XR Shared Port Adapters Interface Processor Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44726 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44726/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44726 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44726/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44726/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44726 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS XR, which can be exploited by malicious people to cause a (DoS) Denial of Service. For more information see vulnerability #3 in: SA44725 Please see the vendor's advisory for the list of affected versions. SOLUTION: Apply patches. Please see the vendor's advisory for more information. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20110525-iosxrspa.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 16:47:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 01:47:25 +0200 Subject: [SEC] [SA44714] Ubuntu update for rdesktop Message-ID: <201105262347.p4QNlPSe030067@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Ubuntu update for rdesktop SECUNIA ADVISORY ID: SA44714 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44714/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44714 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44714/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44714/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44714 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for rdesktop. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA44200 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1136-1: http://www.ubuntu.com/usn/usn-1136-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 17:15:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 02:15:12 +0200 Subject: [SEC] [SA44713] Ubuntu update for exim4 Message-ID: <201105270015.p4R0FCRV019108@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Ubuntu update for exim4 SECUNIA ADVISORY ID: SA44713 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44713/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44713 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44713/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44713/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44713 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for exim4. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA44467 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1135-1: http://www.ubuntu.com/usn/usn-1135-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 17:48:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 02:48:18 +0200 Subject: [SEC] [SA44727] Cisco Content Delivery System Internet Streamer URL Processing Denial of Service Vulnerability Message-ID: <201105270048.p4R0mIBo008382@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Cisco Content Delivery System Internet Streamer URL Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44727 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44727/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44727 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44727/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44727/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44727 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco Content Delivery System, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error in the web server engine of Cisco Internet Streamer when processing URLs. This can be exploited to cause the web server engine to crash via a specially crafted URL. The vulnerability is reported in versions 2.5.7 and later. SOLUTION: Update to version 2.5.9 build 126. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Cisco: http://www.cisco.com/warp/public/707/cisco-sa-20110525-spcdn.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 18:13:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 03:13:13 +0200 Subject: [SEC] [SA44718] Wing FTP Server LDAP Authentication Security Bypass Message-ID: <201105270113.p4R1DDcZ029698@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Wing FTP Server LDAP Authentication Security Bypass SECUNIA ADVISORY ID: SA44718 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44718/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44718 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44718/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44718/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44718 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Wing FTP Server, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the LDAP authentication mechanism when using Active Directory, which can be exploited to bypass the authentication mechanism by providing a blank password. The vulnerability is reported in versions prior to 3.8.7. SOLUTION: Update to version 3.8.7. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.wftpserver.com/serverhistory.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu May 26 18:47:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 03:47:02 +0200 Subject: [SEC] [SA44670] Debian update for cyrus-imapd-2.2 Message-ID: <201105270147.p4R1l21o019004@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for cyrus-imapd-2.2 SECUNIA ADVISORY ID: SA44670 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44670/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44670 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44670/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44670/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44670 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for cyrus-imapd-2.2. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA44414 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2242-1: http://www.debian.org/security/2011/dsa-2242 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 10:32:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 19:32:25 +0200 Subject: [SEC] [SA44705] Ubuntu update for eucalyptus Message-ID: <201105271732.p4RHWPxK017407@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Ubuntu update for eucalyptus SECUNIA ADVISORY ID: SA44705 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44705/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44705 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44705/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44705/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44705 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for eucalyptus. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to an error when processing certain requests sent to the SOAP interface. This can be exploited to submit arbitrary commands in the context of an authenticated user via Man-in-the-Middle (MitM) attacks. SOLUTION: Apply updated packages: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Juraj Somorovsky, J?rg Schwenk, Meiko Jensen, and Xiaofeng Lou. ORIGINAL ADVISORY: ESA-02: http://open.eucalyptus.com/wiki/esa-02 USN-1137-1: http://www.ubuntu.com/usn/usn-1137-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 11:32:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 20:32:17 +0200 Subject: [SEC] [SA44707] Asterisk SIP REGISTER Response User Enumeration Weakness Message-ID: <201105271832.p4RIWHmx007900@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Asterisk SIP REGISTER Response User Enumeration Weakness SECUNIA ADVISORY ID: SA44707 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44707/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44707 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44707/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44707/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44707 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been discovered in Asterisk, which can be exploited by malicious people to determine valid usernames. The problem is that different responses are being sent when using a valid or an invalid username in REGISTER messages. This can be exploited to determine valid usernames by sending specially crafted REGISTER messages. The weakness is confirmed in version 1.8.4.1. Other versions may also be affected. SOLUTION: There's currently no known effective workaround. PROVIDED AND/OR DISCOVERED BY: Francesco Tornieri ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/101720/asterisk-1.8.4-sip-username-enumeration.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 12:36:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 21:36:37 +0200 Subject: [SEC] [SA44698] Symantec Backup Exec Products Media Server NDMP Command Execution Weakness Message-ID: <201105271936.p4RJabNn030965@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Symantec Backup Exec Products Media Server NDMP Command Execution Weakness SECUNIA ADVISORY ID: SA44698 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44698/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44698 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44698/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44698/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44698 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Symantec Backup Exec products, which can be exploited by malicious people to bypass certain security restrictions. The weakness is caused due to the communication protocol in the media server not properly verifying the identity of the remote agent before performing certain actions. This can be exploited to e.g. execute post authentication NDMP commands via Man-in-the-Middle (MitM) attacks. The weakness is reported in the following products: * Symantec Backup Exec for Windows Servers versions 11.0, 12.0, and 12.5. * Symantec Backup Exec 2010 versions 13.0 and 13.0 R2 SOLUTION: Update or upgrade to Symantec Backup Exec 2010 R3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Nibin Varghese, iViZ Security. ORIGINAL ADVISORY: Symantec (SYM11-006): http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110526_00 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 13:32:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 22:32:24 +0200 Subject: [SEC] [SA44716] Blackboard "keywordraw" Cross-Site Scripting Vulnerability Message-ID: <201105272032.p4RKWO93021273@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Blackboard "keywordraw" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44716 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44716/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44716 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44716/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44716/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44716 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Blackboard Learn, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "keywordraw" parameter to bin/common/search.pl is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 8.0. SOLUTION: Update to Service Pack 7 Hotfix 2. PROVIDED AND/OR DISCOVERED BY: Matt Jezorek ORIGINAL ADVISORY: https://www.upsploit.com/index.php/advisories/view/UPS-2011-0009 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 14:25:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 23:25:52 +0200 Subject: [SEC] [SA44736] Autonomy Keyview Multiple Vulnerabilities Message-ID: <201105272125.p4RLPqxm011471@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Autonomy Keyview Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44736 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44736/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44736 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44736/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44736/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44736 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Autonomy Keyview, which can be exploited by malicious people to compromise a user's system. For more information: SA44624 SOLUTION: Apply patches for versions 10.12, 10.11, 10.10, 10.9, 10.8, 10.5, 10.4, 10.3, and 9.2. PROVIDED AND/OR DISCOVERED BY: 1) Pablo Santamaria, Oren Isacson, and Nadia Rodriguez, Core Security Technologies 2 - 5) binaryhouse.net via iDefense Labs. 6, 7) The vendor credits iDefense Labs. ORIGINAL ADVISORY: Core Security: http://www.coresecurity.com/content/LotusNotes-XLS-viewer-heap-overflow iDefense: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=904 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=905 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=906 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=907 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 14:46:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 27 May 2011 23:46:43 +0200 Subject: [SEC] [SA44308] Drupal Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201105272146.p4RLkhvN032588@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Drupal Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA44308 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44308/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44308 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44308/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44308/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44308 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Certain input passed via the URL is not properly sanitised in the Drupal error handler before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that on-screen error display is enabled in admin/settings/error-reporting. 2) Input passed via the color scheme values (e.g. "palette[bg]", "palette[text]", "palette[sideborders]", "palette[footer]", and "palette[titleslogan]") to index.php (when "q" is set to "admin/appearance/settings/bartik") when changing the color scheme is not properly sanitised before being used in a style sheet. This can be exploited to insert arbitrary CSS and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation of this vulnerability requires the "Administer themes" privileges and the victim user is running a browser which executes certain JavaScript statements from CSS files (e.g. Internet Explorer 6). The vulnerabilities are reported in version 6.20. Prior versions may also be affected. SOLUTION: Update to version 6.21 or later. PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Heine Deelstra, Drupal security team. 2) Kasper Lindgaard, Secunia Research. ORIGINAL ADVISORY: SA-CORE-2011-001: http://drupal.org/node/1168756 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 15:11:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 May 2011 00:11:39 +0200 Subject: [SEC] [SA44719] ISC BIND Negative Caching RRSIG RRsets Denial of Service Vulnerability Message-ID: <201105272211.p4RMBd17021518@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: ISC BIND Negative Caching RRSIG RRsets Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44719 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44719/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44719 RELEASE DATE: 2011-05-27 DISCUSS ADVISORY: http://secunia.com/advisories/44719/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44719/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44719 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ISC BIND, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an assertion error within the processing of negative responses containing large RRSIG RRsets, which can be exploited to crash named. Successful exploitation requires that the attacker can e.g. directly query or trick an authorised client into querying the targeted caching resolvers. The vulnerability is reported in versions 9.4-ESV-R3 and later, 9.6-ESV-R2 and later, 9.6.3, 9.7.1 and later, and 9.8.0 and later. SOLUTION: Update to version 9.4-ESV-R4-P1 as soon as available or versions 9.6-ESV-R4-P1, 9.7.3-P1, and 9.8.0-P2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Frank Kloeker and Michael Sinatra. ORIGINAL ADVISORY: https://www.isc.org/software/bind/advisories/cve-2011-1910 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 15:46:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 May 2011 00:46:50 +0200 Subject: [SEC] [SA44697] Ubuntu update for dbus-glib Message-ID: <201105272246.p4RMko82010882@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Ubuntu update for dbus-glib SECUNIA ADVISORY ID: SA44697 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44697/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44697 RELEASE DATE: 2011-05-28 DISCUSS ADVISORY: http://secunia.com/advisories/44697/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44697/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44697 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for dbus-glib. This fixes a security issue, which can be exploited by malicious, local users to bypass certain security features. For more information: SA40908 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1138-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-May/001337.html USN-1138-2: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-May/001338.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 16:12:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 May 2011 01:12:10 +0200 Subject: [SEC] [SA44731] Fedora update for systemtap Message-ID: <201105272312.p4RNCAMx032232@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Fedora update for systemtap SECUNIA ADVISORY ID: SA44731 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44731/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44731 RELEASE DATE: 2011-05-28 DISCUSS ADVISORY: http://secunia.com/advisories/44731/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44731/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44731 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for systemtap. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA44608 SOLUTION: Apply updated packages via the yum utility ("yum update systemtap"). ORIGINAL ADVISORY: FEDORA-2011-7289: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060810.html FEDORA-2011-7302: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060790.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri May 27 16:46:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 28 May 2011 01:46:44 +0200 Subject: [SEC] [SA44708] Drupal Script Insertion and Security Bypass Message-ID: <201105272346.p4RNkix1021559@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Drupal Script Insertion and Security Bypass SECUNIA ADVISORY ID: SA44708 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44708/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44708 RELEASE DATE: 2011-05-28 DISCUSS ADVISORY: http://secunia.com/advisories/44708/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44708/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44708 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability and a security issue have been reported in Drupal, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to bypass certain security restrictions. 1) An error in the Color module can be exploited to conduct script insertion attacks. For more information see vulnerability #2 in: SA44308 2) A security issue in the File module (modules/file/file.module) in combination with restrictions via a node access module can be exploited to disclose private files. The vulnerability and the security issue are reported in version 7.0. SOLUTION: Update to version 7.1 or later. PROVIDED AND/OR DISCOVERED BY: 1) Kasper Lindgaard, Secunia Research. 2) The vendor credits Hubert Lecorche and Peter Bex. ORIGINAL ADVISORY: SA-CORE-2011-001: http://drupal.org/node/1168756 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 10:31:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 May 2011 19:31:48 +0200 Subject: [SEC] [SA44696] 7-Technologies Interactive Graphical SCADA System ODBC Server Vulnerability Message-ID: <201105301731.p4UHVmvu024542@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: 7-Technologies Interactive Graphical SCADA System ODBC Server Vulnerability SECUNIA ADVISORY ID: SA44696 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44696/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44696 RELEASE DATE: 2011-05-30 DISCUSS ADVISORY: http://secunia.com/advisories/44696/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44696/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44696 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in 7-Technologies Interactive Graphical SCADA System, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerability is caused due to an unspecified error in the ODBC server (ODBCixv9se.exe) when processing certain structures. This can be exploited to corrupt memory and crash the server by sending a specially crafted packet to TCP port 20222. Successful exploitation may allow execution of arbitrary code. SOLUTION: Apply a fix. Contact the vendor for further information. PROVIDED AND/OR DISCOVERED BY: The vendor credits Vupen. ORIGINAL ADVISORY: http://www.igss.com/rss/V9All.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 11:31:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 May 2011 20:31:19 +0200 Subject: [SEC] [SA44755] Fedora update for rssh Message-ID: <201105301831.p4UIVJYK015023@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Fedora update for rssh SECUNIA ADVISORY ID: SA44755 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44755/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44755 RELEASE DATE: 2011-05-30 DISCUSS ADVISORY: http://secunia.com/advisories/44755/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44755/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44755 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for rssh. This fixes a weakness, which can be exploited by malicious users to bypass certain security restrictions. The weakness can be caused due to an error while handling certain configurations, which could lead to the user bypassing the configured chroot and getting default permissions to the filesystem. SOLUTION: Apply updated packages via the yum utility ("yum update rssh"). ORIGINAL ADVISORY: FEDORA-2011-7272: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060829.html FEDORA-2011-7229: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060818.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 12:31:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 May 2011 21:31:34 +0200 Subject: [SEC] [SA44717] Joomla! Joomnik Gallery Component "album" SQL Injection Vulnerability Message-ID: <201105301931.p4UJVYmG005514@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Joomla! Joomnik Gallery Component "album" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44717 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44717/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44717 RELEASE DATE: 2011-05-30 DISCUSS ADVISORY: http://secunia.com/advisories/44717/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44717/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44717 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Joomnik Gallery component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "album" parameter to index.php (when "option" is set to "com_joomnik") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code in a user's browser session in context of an affected site. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 0.9. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: SOLVER OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 13:33:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 May 2011 22:33:08 +0200 Subject: [SEC] [SA44749] AIDeX Mini-WebServer "nick" Cross-Site Scripting Vulnerability Message-ID: <201105302033.p4UKX8O4028511@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: AIDeX Mini-WebServer "nick" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44749 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44749/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44749 RELEASE DATE: 2011-05-30 DISCUSS ADVISORY: http://secunia.com/advisories/44749/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44749/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44749 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in AIDeX Mini-WebServer, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "nick" parameter to *chat/post.html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.4. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: wingthor ORIGINAL ADVISORY: http://www.wingthor.de/?q=AIDeX_Mini-Webserver_1.4_CI OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 14:25:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 May 2011 23:25:29 +0200 Subject: [SEC] [SA44735] DuhokForum "mode" SQL Injection Vulnerability Message-ID: <201105302125.p4ULPTmt018657@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: DuhokForum "mode" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44735 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44735/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44735 RELEASE DATE: 2011-05-30 DISCUSS ADVISORY: http://secunia.com/advisories/44735/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44735/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44735 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in DuhokForum, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "mode" parameter in index.php is not properly sanitised before being used in online.php in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: M.Jock3R ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17335/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 14:46:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 30 May 2011 23:46:09 +0200 Subject: [SEC] [SA44752] Joomla! jomEstate PRO Component "district" SQL Injection Vulnerability Message-ID: <201105302146.p4ULk9LG007387@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Joomla! jomEstate PRO Component "district" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44752 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44752/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44752 RELEASE DATE: 2011-05-30 DISCUSS ADVISORY: http://secunia.com/advisories/44752/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44752/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44752 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the jomEstate PRO component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to the "district" parameter in the search form is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.3.6. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: Sid3^effects ORIGINAL ADVISORY: http://www.1337day.com/exploits/16135 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 15:11:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 00:11:33 +0200 Subject: [SEC] [SA44723] Html-edit CMS Cross-Site Request Forgery Vulnerability Message-ID: <201105302211.p4UMBXCQ028727@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Html-edit CMS Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44723 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44723/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44723 RELEASE DATE: 2011-05-30 DISCUSS ADVISORY: http://secunia.com/advisories/44723/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44723/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44723 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Html-edit CMS, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. add pages and conduct script insertion attacks by tricking a logged in administrative user into visiting a malicious web site. The vulnerability is confirmed in version 3.1.9 rev2. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: KedAns-Dz OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 15:46:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 00:46:23 +0200 Subject: [SEC] [SA44665] Debian update for chromium-browser Message-ID: <201105302246.p4UMkNpb018086@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for chromium-browser SECUNIA ADVISORY ID: SA44665 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44665/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44665 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44665/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44665/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44665 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for chromium-browser. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA43859 SA44375 SA44591 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2245-1: http://lists.debian.org/debian-security-announce/2011/msg00115.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 16:11:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 01:11:36 +0200 Subject: [SEC] [SA44662] Debian update for mahara Message-ID: <201105302311.p4UNBaIS007034@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for mahara SECUNIA ADVISORY ID: SA44662 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44662/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44662 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44662/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44662/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44662 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for mahara. This fixes multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and conduct script insertion attacks and by malicious people to conduct cross-site request forgery attacks. For more information: SA44433 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2246-1: http://www.debian.org/security/2011/dsa-2246 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 16:46:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 01:46:25 +0200 Subject: [SEC] [SA44745] BakBone NetVault SmartDisk Integer Overflow Denial of Service Vulnerability Message-ID: <201105302346.p4UNkPQq028791@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: BakBone NetVault SmartDisk Integer Overflow Denial of Service Vulnerability SECUNIA ADVISORY ID: SA44745 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44745/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44745 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44745/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44745/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44745 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in BakBone NetVault SmartDisk, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an integer overflow error in the libnvbasics.dll module when allocating memory. This can be exploited to crash the percolatorslave.exe process via specially crafted packets sent to TCP port 37452. The vulnerability is confirmed in version 1.2.2. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only (e.g. via network access control lists). PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/percolator_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 17:14:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 02:14:30 +0200 Subject: [SEC] [SA44667] Gadu-Gadu HTML Processing Code Execution Vulnerability Message-ID: <201105310014.p4V0EUSl017870@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Gadu-Gadu HTML Processing Code Execution Vulnerability SECUNIA ADVISORY ID: SA44667 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44667/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44667 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44667/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44667/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44667 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Kacper Szczesniak has discovered a vulnerability in Gadu-Gadu, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing certain HTML content and can be exploited to inject malicious content via a Man-in-the-Middle (MitM) attack and execute an arbitrary program. Successful exploitation allows execution of arbitrary code, but requires intercepting the communication between the client and certain web servers. The vulnerability is confirmed in version 10.5. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences in a proxy. PROVIDED AND/OR DISCOVERED BY: Kacper Szczesniak ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0517.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 17:47:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 02:47:14 +0200 Subject: [SEC] [SA44693] Apache Archiva Multiple Vulnerabilities Message-ID: <201105310047.p4V0lEix007140@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Apache Archiva Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44693 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44693/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44693 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44693/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44693/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44693 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Apache Archiva, which can be exploited by malicious people to conduct cross-site scripting, cross-site request forgery, and script insertion attacks. 1) Input passed via various parameters to multiple scripts is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via various parameters to multiple scripts is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 3) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. create an administrative user or grant a user administrative privileges when a logged-in administrator visits a malicious web site. The vulnerabilities are reported in versions 1.3 through 1.3.4. SOLUTION: Update to version 1.3.5. PROVIDED AND/OR DISCOVERED BY: Riyaz Ahemed Walikar, Microland. ORIGINAL ADVISORY: Apache: http://archiva.apache.org/docs/1.3.5/release-notes.html http://archiva.apache.org/security.html Microland: http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0531.html http://archives.neohapsis.com/archives/fulldisclosure/2011-05/0532.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 18:11:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 03:11:12 +0200 Subject: [SEC] [SA44738] Joomla! Jms FileSeller Component "view" Local File Inclusion Vulnerability Message-ID: <201105310111.p4V1BCVp028413@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Joomla! Jms FileSeller Component "view" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA44738 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44738/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44738 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44738/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44738/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44738 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Valentin Hoebel has reported a vulnerability in the Jms FileSeller component for Joomla!, which can be exploited by malicious people to disclose sensitive information. Input passed via the "view" parameter to index.php (when "option" is set to "com_jmsfileseller") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. The vulnerability is reported in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Valentin Hoebel ORIGINAL ADVISORY: Valentin Hoebel: http://www.xenuser.org/2011/05/28/joomla-component-com_jmsfileseller-local-file-inclusion-vulnerabilit/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 18:46:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 03:46:27 +0200 Subject: [SEC] [SA44756] Fedora update for dovecot Message-ID: <201105310146.p4V1kR1W017792@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Fedora update for dovecot SECUNIA ADVISORY ID: SA44756 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44756/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44756 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44756/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44756/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44756 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for dovecot. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44683 SOLUTION: Apply updated packages via the yum utility ("yum update dovecot"). ORIGINAL ADVISORY: FEDORA-2011-7258: http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060815.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 19:18:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 04:18:07 +0200 Subject: [SEC] [SA44677] Debian update for bind9 Message-ID: <201105310218.p4V2I7NJ007486@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for bind9 SECUNIA ADVISORY ID: SA44677 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44677/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44677 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44677/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44677/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44677 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44719 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2244-1: http://lists.debian.org/debian-security-announce/2011/msg00114.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 19:46:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 04:46:42 +0200 Subject: [SEC] [SA44734] Guru Penny Auction Pro "prodid" SQL Injection Vulnerability Message-ID: <201105310246.p4V2kgiE028962@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Guru Penny Auction Pro "prodid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA44734 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44734/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44734 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44734/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44734/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44734 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Guru Penny Action Pro, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "prodid" parameter to auction_details.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 3. Other versions may also affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: v3n0m OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 20:11:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 05:11:28 +0200 Subject: [SEC] [SA44751] Shibboleth Identity Provider Cross-Site Scripting Vulnerability Message-ID: <201105310311.p4V3BSVY017872@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Shibboleth Identity Provider Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44751 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44751/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44751 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44751/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44751/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44751 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Shibboleth Identity Provider, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the Velocity macro templates is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 2.3. SOLUTION: Update to version 2.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Scott Cantor, The Ohio State University. ORIGINAL ADVISORY: http://shibboleth.internet2.edu/secadv/secadv_20110516.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 20:46:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 05:46:27 +0200 Subject: [SEC] [SA44741] FreeBSD update for bind Message-ID: <201105310346.p4V3kRTp007238@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: FreeBSD update for bind SECUNIA ADVISORY ID: SA44741 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44741/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44741 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44741/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44741/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44741 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: FreeBSD has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44719 SOLUTION: Update FreeBSD or apply the patch. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: FreeBSD-SA-11:02: http://security.freebsd.org/advisories/FreeBSD-SA-11:02.bind.asc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 21:12:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 06:12:23 +0200 Subject: [SEC] [SA44744] Slackware update for bind Message-ID: <201105310412.p4V4CNdp028615@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Slackware update for bind SECUNIA ADVISORY ID: SA44744 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44744/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44744 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44744/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44744/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44744 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Slackware has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44719 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: SSA:2011-147-01: http://slackware.com/security/viewer.php?l=slackware-security&y=2011&m=slackware-security.685026 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon May 30 21:46:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 06:46:24 +0200 Subject: [SEC] [SA44720] Puzzle Apps CMS "COREROOT" File Inclusion Vulnerability Message-ID: <201105310446.p4V4kOlH017931@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Puzzle Apps CMS "COREROOT" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA44720 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44720/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44720 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44720/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44720/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44720 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Puzzle Apps CMS, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "COREROOT" parameter to core/config.loader.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. Successful exploitation requires that "register_globals" is enabled. The vulnerability is confirmed in version 3.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Treasure Priyamal OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 10:31:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 19:31:45 +0200 Subject: [SEC] [SA44687] Debian update for unbound Message-ID: <201105311731.p4VHVjSF007715@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Debian update for unbound SECUNIA ADVISORY ID: SA44687 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44687/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44687 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44687/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44687/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44687 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for unbound. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing certain queries, which can be exploited to cause the application to stop responding to zones signed using DNSSEC. SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2243-1: http://www.debian.org/security/2011/dsa-2243 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 11:31:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 20:31:39 +0200 Subject: [SEC] [SA44742] Guru JustAnswer Professional "id" and "que_id" SQL Injection Vulnerabilities Message-ID: <201105311831.p4VIVdZq030602@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Guru JustAnswer Professional "id" and "que_id" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA44742 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44742/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44742 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44742/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44742/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44742 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Guru JustAnswer Professional, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to profile.php and the "que_id" parameter to forum_answer.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 1.25. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: v3n0m OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 12:37:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 21:37:02 +0200 Subject: [SEC] [SA44764] Zope PluggableAuthService User Login Name Change Security Issue Message-ID: <201105311937.p4VJb28G021340@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Zope PluggableAuthService User Login Name Change Security Issue SECUNIA ADVISORY ID: SA44764 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44764/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44764 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44764/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44764/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44764 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Zope, which can be exploited by malicious users to manipulate certain data and cause a DoS (Denial of Service). The security issue is caused due to the "updateUser()" method of the ZODBUserManager class (ZODBUserManager.py) within the PluggableAuthService (PAS) framework not checking the uniqueness of a login name. This can be exploited to prevent a user from logging in when an attacker changes his login name to a victim's login name. The security issue is reported in version 2.11.8. Prior versions may also be affected. SOLUTION: Fixed in the SVN repository. PROVIDED AND/OR DISCOVERED BY: Reported by Alan Hoey in a bug report. ORIGINAL ADVISORY: Zope: https://mail.zope.org/pipermail/zope-announce/2011-May/002257.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 13:31:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 22:31:28 +0200 Subject: [SEC] [SA44710] Post Revolution Cross-Site Request Forgery Vulnerability Message-ID: <201105312031.p4VKVSPZ011567@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Post Revolution Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA44710 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44710/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44710 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44710/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44710/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44710 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Post Revolution, which can be exploited by malicious people to conduct cross-site request forgery attacks. The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrator's password by tricking a logged-in administrator into visiting a malicious web site. The vulnerability is reported in version 0.6.6. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links while being logged-in to the application. PROVIDED AND/OR DISCOVERED BY: The vendor credits Javier Bassi. ORIGINAL ADVISORY: http://postrev.com.ar/verpost.php?id_noticia=59 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 14:25:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 23:25:33 +0200 Subject: [SEC] [SA44766] SUSE update for ruby Message-ID: <201105312125.p4VLPX0w001747@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for ruby SECUNIA ADVISORY ID: SA44766 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44766/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44766 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44766/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44766/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44766 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for ruby. This fixes a security issue and some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, cause a DoS (Denial of Service), and to potentially compromise a vulnerable system. For more information: SA41003 SA43420 SA43434 SA44638 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0561-1: https://hermes.opensuse.org/messages/8628432 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 14:46:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 31 May 2011 23:46:33 +0200 Subject: [SEC] [SA44768] SUSE update for perl-libwww-perl Message-ID: <201105312146.p4VLkXIC022930@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for perl-libwww-perl SECUNIA ADVISORY ID: SA44768 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44768/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44768 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44768/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44768/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44768 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for perl-libwww-perl. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA44614 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0560-1: https://hermes.opensuse.org/messages/8628099 openSUSE-SU-2011:0552-1: https://hermes.opensuse.org/messages/8625448 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 15:12:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 00:12:40 +0200 Subject: [SEC] [SA44767] SUSE update for ruby Message-ID: <201105312212.p4VMCe0h011911@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for ruby SECUNIA ADVISORY ID: SA44767 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44767/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44767 RELEASE DATE: 2011-05-31 DISCUSS ADVISORY: http://secunia.com/advisories/44767/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44767/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44767 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for ruby. This fixes some vulnerabilities, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to manipulate certain data, conduct cross-site scripting attacks, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA37949 SA41003 SA43420 SA43434 SA44638 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:0555-1: https://hermes.opensuse.org/messages/8627547 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 15:46:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 00:46:47 +0200 Subject: [SEC] [SA44730] SUSE update for libmodplug Message-ID: <201105312246.p4VMkl8p001168@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for libmodplug SECUNIA ADVISORY ID: SA44730 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44730/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44730 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44730/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44730/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44730 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libmodplug. This fixes two vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA44388 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0551-1: https://hermes.opensuse.org/messages/8625449 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 16:12:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 01:12:33 +0200 Subject: [SEC] [SA44739] SUSE update for ruby Message-ID: <201105312312.p4VNCXuY022590@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: SUSE update for ruby SECUNIA ADVISORY ID: SA44739 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44739/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44739 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44739/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44739/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44739 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for ruby. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA44638 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:0556-1: https://hermes.opensuse.org/messages/8627569 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 16:46:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 01:46:50 +0200 Subject: [SEC] [SA44747] Linux Kernel "key_replace_session_keyring()" NULL Pointer Dereference Denial of Service Message-ID: <201105312346.p4VNko80011925@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Linux Kernel "key_replace_session_keyring()" NULL Pointer Dereference Denial of Service SECUNIA ADVISORY ID: SA44747 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44747/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44747 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44747/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44747/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44747 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "key_replace_session_keyring()" function in security/keys/process_keys.c, which can be exploited to cause a NULL pointer dereference and e.g. crash the kernel. The vulnerability is reported in version 2.6.39. Other versions may also be affected. SOLUTION: Fixed in version 3.0-rc1. PROVIDED AND/OR DISCOVERED BY: Robert Swiecki ORIGINAL ADVISORY: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=f7285b5d631fd6096b11c6af0058ed3a2b30ef4e OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 17:14:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 02:14:43 +0200 Subject: [SEC] [SA44628] IBM Tivoli Management Framework lcfd Endpoint Daemon Buffer Overflow Vulnerability Message-ID: <201106010014.p510EhDF000918@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: IBM Tivoli Management Framework lcfd Endpoint Daemon Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA44628 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44628/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44628 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44628/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44628/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44628 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM Tivoli Management Framework, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to a boundary error within the lcfd endpoint daemon when processing certain arguments. This can be exploited to cause a stack-based buffer overflow via a specially crafted HTTP request. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions 4.1, 4.1.1, and 4.3.1. SOLUTION: Apply APAR IZ90238 or apply patches. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Tenable Network Security via ZDI. ORIGINAL ADVISORY: IBM (IZ90238): http://www.ibm.com/support/docview.wss?uid=swg21499146 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 17:46:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 02:46:42 +0200 Subject: [SEC] [SA44762] Ubuntu update for bind9 Message-ID: <201106010046.p510kg2K022618@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Ubuntu update for bind9 SECUNIA ADVISORY ID: SA44762 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44762/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44762 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44762/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44762/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44762 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44719 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1139-1: http://www.ubuntu.com/usn/usn-1139-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 18:12:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 03:12:25 +0200 Subject: [SEC] [SA44760] TinyMCE Ajax File Manager Plugin File Upload Vulnerability Message-ID: <201106010112.p511CPko011581@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: TinyMCE Ajax File Manager Plugin File Upload Vulnerability SECUNIA ADVISORY ID: SA44760 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44760/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44760 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44760/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44760/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44760 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Ajax File Manager plugin for TinyMCE, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the application improperly validating uploaded files, which can be exploited to execute arbitrary PHP code by uploading a PHP file with e.g. an appended ".gif" file extension. Successful exploitation requires that Apache is not configured to handle the mime-type for media files with e.g. a ".jpg" or ".gif" extension. The vulnerability is confirmed in version 3.4. Other versions may also be affected. SOLUTION: Restrict access to the "uploaded" folder (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: Dr Trojan OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 18:46:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 03:46:36 +0200 Subject: [SEC] [SA44761] Ubuntu update for bind9 Message-ID: <201106010146.p511kax7000840@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Ubuntu update for bind9 SECUNIA ADVISORY ID: SA44761 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44761/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44761 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44761/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44761/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44761 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for bind9. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA41654 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1139-1: http://www.ubuntu.com/usn/usn-1139-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 19:23:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 04:23:15 +0200 Subject: [SEC] [SA44763] Ubuntu update for pam Message-ID: <201106010223.p512NF7h023192@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Ubuntu update for pam SECUNIA ADVISORY ID: SA44763 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44763/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44763 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44763/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44763/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44763 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for pam. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service), disclose potentially sensitive information and perform certain actions with escalated privileges. For more information: SA40978 SA42088 SOLUTION: Apply updated packages via Launchpad. Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ORIGINAL ADVISORY: USN-1140-1: http://www.ubuntu.com/usn/usn-1140-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue May 31 19:47:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 1 Jun 2011 04:47:29 +0200 Subject: [SEC] [SA44746] Joomla! sh404SEF Component Cross-Site Scripting Vulnerability Message-ID: <201106010247.p512lT2T012083@CRON-IX-2.intnet> ---------------------------------------------------------------------- Alerts when vulnerabilities pose a threat to your infrastructure The enhanced reporting module of the Secunia Vulnerability Intelligence Manager (VIM) enables you to combine advisory and ticket information, and generate policy compliance statistics. Using your asset list preferences, customised notifications are issued as soon as a new vulnerability is discovered - a valuable tool for documenting mitigation strategies. Watch our quick solution overview: http://www.youtube.com/user/Secunia#p/a/u/0/M1Y9sJqR2SY ---------------------------------------------------------------------- TITLE: Joomla! sh404SEF Component Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA44746 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44746/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44746 RELEASE DATE: 2011-06-01 DISCUSS ADVISORY: http://secunia.com/advisories/44746/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44746/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44746 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the sh404SEF component for Joomla!, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 2.2.5.964. Prior versions may also be affected. SOLUTION: Update to version 2.2.6.973. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://dev.anything-digital.com/Forum/Announcements/11147-sh404SEF-2.2.6-now-available-for-Joomla-1.5/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ EXPLOIT: Further details available in Customer Area: http://secunia.com/products/corporate/EVM/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ----------------------------------------------------------------------