From sec-adv at secunia.com Tue Oct 4 10:44:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Oct 2011 19:44:07 +0200 Subject: [SEC] [SA46161] Sunway pNetPower AngelServer Two Vulnerabilities Message-ID: <201110041744.p94Hi7nP008334@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Sunway pNetPower AngelServer Two Vulnerabilities SECUNIA ADVISORY ID: SA46161 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46161/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46161 RELEASE DATE: 2011-10-04 DISCUSS ADVISORY: http://secunia.com/advisories/46161/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46161/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46161 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered two vulnerabilities in Sunway pNetPower, which can be exploited by malicious people to cause a DoS (Denial of Service) and compromise a vulnerable system. 1) An error in AngelServer.exe when processing a certain packet type (0x06) can be exploited to cause a crash or system reboot via a specially crafted packet sent to TCP port 8800. 2) A signedness error in AngelServer.exe when processing a certain packet type (0x08) can be exploited to cause a stack-based buffer overflow via a specially crafted packet sent to TCP port 8800. Successful exploitation of this vulnerability allows execution of arbitrary code. The vulnerabilities are confirmed in version 6.0 (AngelServer.exe version 6.0.11.4). Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/forcecontrol_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 11:38:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Oct 2011 20:38:45 +0200 Subject: [SEC] [SA46294] WordPress Web Minimalist Theme URL Cross-Site Scripting Vulnerability Message-ID: <201110041838.p94Icjg8032740@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: WordPress Web Minimalist Theme URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46294 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46294/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46294 RELEASE DATE: 2011-10-04 DISCUSS ADVISORY: http://secunia.com/advisories/46294/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46294/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46294 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the Web Minimalist theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after index.php (when the "s" POST parameter is set) is not properly sanitised in wp-content/themes/web-minimalist-200901/searchform.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: https://sitewat.ch/en/Advisories/19 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 12:37:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Oct 2011 21:37:39 +0200 Subject: [SEC] [SA46254] ThinVNC Pro File Transfer Security Bypass Security Issue Message-ID: <201110041937.p94JbdCr024946@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: ThinVNC Pro File Transfer Security Bypass Security Issue SECUNIA ADVISORY ID: SA46254 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46254/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46254 RELEASE DATE: 2011-10-04 DISCUSS ADVISORY: http://secunia.com/advisories/46254/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46254/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46254 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been discovered in ThinVNC Pro, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the application not authenticating certain web requests and can be exploited to bypass the authentication mechanism and download arbitrary files by submitting requests to the "/ft/" URL. The security issue is reported in version 2.0.0.1 and confirmed in version 2.0.0.16. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: r at b13$, Digital Defense, Inc. Vulnerability Research Team. ORIGINAL ADVISORY: DDIVRT-2011-36: http://archives.neohapsis.com/archives/fulldisclosure/2011-10/0116.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 13:44:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Oct 2011 22:44:33 +0200 Subject: [SEC] [SA46157] KDE KSSL Certificate Text Format Enforce Vulnerability Message-ID: <201110042044.p94KiXCw017561@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: KDE KSSL Certificate Text Format Enforce Vulnerability SECUNIA ADVISORY ID: SA46157 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46157/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46157 RELEASE DATE: 2011-10-04 DISCUSS ADVISORY: http://secunia.com/advisories/46157/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46157/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46157 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in KDE, which can be exploited by malicious people to conduct spoofing attacks. The vulnerability is caused due to KSSL not properly setting the text format when displaying certificate information, which can be exploited to spoof certificates via e.g. certificates containing specially crafted RTF data in the Common Name (CN) field. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Tim Brown, Nth Dimension. ORIGINAL ADVISORY: http://www.kde.org/info/security/advisory-20111003-1.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 14:37:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 4 Oct 2011 23:37:20 +0200 Subject: [SEC] [SA46243] Debian update for puppet Message-ID: <201110042137.p94LbKZK009441@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Debian update for puppet SECUNIA ADVISORY ID: SA46243 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46243/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46243 RELEASE DATE: 2011-10-04 DISCUSS ADVISORY: http://secunia.com/advisories/46243/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46243/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46243 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for puppet. This fixes multiple security issues and a vulnerability, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious users to compromise a vulnerable system. For more information: SA46223 SA46286 SOLUTION: Apply updated packages via the apt-get package manager. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: DSA-2314-1: http://lists.debian.org/debian-security-announce/2011/msg00191.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 15:10:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 00:10:20 +0200 Subject: [SEC] [SA46268] Novell Identity Manager Cross-Site Scripting Vulnerabilities Message-ID: <201110042210.p94MAKP7032751@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Novell Identity Manager Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA46268 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46268/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46268 RELEASE DATE: 2011-10-04 DISCUSS ADVISORY: http://secunia.com/advisories/46268/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46268/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46268 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Novell Identity Manager, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "apwaDetailId" parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in Identity Manager Roles Based Provisioning Module 3.7.0 (User Application 3.7.0) prior to Field Patch 370E. SOLUTION: Apply field patch 370E. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://support.novell.com/docs/Readmes/InfoDocument/patchbuilder/readme_5111711.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 15:36:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 00:36:34 +0200 Subject: [SEC] [SA46295] WordPress Morning Coffee Theme URL Cross-Site Scripting Vulnerability Message-ID: <201110042236.p94MaYUY023299@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: WordPress Morning Coffee Theme URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46295 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46295/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46295 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46295/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46295/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46295 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the Morning Coffee theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after index.php (when the "s" POST parameter is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.5. Prior versions may also be affected. SOLUTION: Update to version 3.6. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: https://sitewat.ch/en/Advisories/20 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 16:14:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 01:14:10 +0200 Subject: [SEC] [SA46303] rekonq Certificate Text Format Enforce Vulnerability Message-ID: <201110042314.p94NEAuW014431@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: rekonq Certificate Text Format Enforce Vulnerability SECUNIA ADVISORY ID: SA46303 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46303/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46303 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46303/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46303/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46303 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in rekonq, which can be exploited by malicious people to conduct spoofing attacks. The vulnerability is caused due to the application not properly setting the text format when displaying certificate information, which can be exploited to spoof certificates via e.g. certificates containing specially crafted RTF data in the Common Name (CN) field. This is related to: SA46157 SOLUTION: Update to version 0.7.80. PROVIDED AND/OR DISCOVERED BY: The vendor credits Tim Brown, Nth Dimension. ORIGINAL ADVISORY: http://www.kde.org/info/security/advisory-20111003-1.txt https://projects.kde.org/projects/extragear/network/rekonq/repository/revisions/526ce56f7e6ae3c8a2aa1c96f4e87af9eaa305e1 https://projects.kde.org/projects/extragear/network/rekonq/repository/revisions/d1711fffc795d925d89980f56cd02b767e871c59 https://projects.kde.org/projects/extragear/network/rekonq/repository/revisions/85f454faabef5453c08eb5493d0afc63e23f650b OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 16:57:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 01:57:44 +0200 Subject: [SEC] [SA46297] WordPress Atahualpa Theme "s" Cross-Site Scripting Vulnerability Message-ID: <201110042357.p94NvixY005826@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: WordPress Atahualpa Theme "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46297 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46297/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46297 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46297/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46297/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46297 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the Atahualpa theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "s" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 3.6.7. Prior versions may also be affected. SOLUTION: Update to version 3.6.8. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: https://sitewat.ch/en/Advisories/8 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 17:37:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 02:37:00 +0200 Subject: [SEC] [SA46272] WordPress SmoothGallery Plugin "src" Arbitrary File Upload Message-ID: <201110050037.p950b0jd029458@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: WordPress SmoothGallery Plugin "src" Arbitrary File Upload SECUNIA ADVISORY ID: SA46272 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46272/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46272 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46272/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46272/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46272 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the SmoothGallery plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "src" parameter in wp-content/plugins/smoothgallery/extra/resizer.php is not properly verified before being used to cache files. This can be exploited to upload and execute arbitrary PHP files. This may be related to vulnerability #1 in: SA45416 The vulnerability is reported in version 1.15.1. Prior versions may also be affected. SOLUTION: Update to version 1.15.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: SmoothGallery: http://wordpress.org/extend/plugins/smoothgallery/changelog/ http://plugins.trac.wordpress.org/changeset/446904/smoothgallery/trunk/extra/resizer.php?old=126712&old_path=smoothgallery%2Ftrunk%2Fextra%2Fresizer.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 18:09:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 03:09:56 +0200 Subject: [SEC] [SA46208] conceptcms Multiple Path Disclosure Weaknesses Message-ID: <201110050109.p9519uo7020353@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: conceptcms Multiple Path Disclosure Weaknesses SECUNIA ADVISORY ID: SA46208 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46208/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46208 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46208/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46208/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46208 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple weaknesses have been discovered in conceptcms, which can be exploited by malicious people to disclose certain system information. The weaknesses are caused due to the application displaying the full installation path within an error message in cmi_templates/start_home.php, cmi_templates/start_cms_image.php, cmi_templates/start_cmapi_server.php, cmi_templates/start_page.php, and cmi_templates/start_admin.php. The weaknesses are confirmed in version 5.3.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that no system information is disclosed. PROVIDED AND/OR DISCOVERED BY: Reported within a google code commit of inspathx by yehg.net. ORIGINAL ADVISORY: http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/conceptcms_inst10_0531_100820 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 18:35:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 03:35:17 +0200 Subject: [SEC] [SA46296] WordPress ZenLite Theme "s" Cross-Site Scripting Vulnerability Message-ID: <201110050135.p951ZHwY010823@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: WordPress ZenLite Theme "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46296 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46296/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46296 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46296/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46296/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46296 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the ZenLite theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "s" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 4.3. Prior versions may also be affected. SOLUTION: Update to version 4.4. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: https://sitewat.ch/en/Advisories/12 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 19:09:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 04:09:07 +0200 Subject: [SEC] [SA46291] Joomla! Google Website Optimizer Component Section Names Script Insertion Vulnerability Message-ID: <201110050209.p95297Zh002123@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Joomla! Google Website Optimizer Component Section Names Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46291 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46291/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46291 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46291/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46291/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46291 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Google Website Optimizer component for Joomla!, which can be exploited by malicious users to conduct script insertion attacks. Input related to section names within "pggwob" page tags when creating or editing an article is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires the "Publisher" privileges. The vulnerability is reported in version 1.3.0. Prior versions may also be affected. SOLUTION: Update to version 1.4.0. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.pearl-group.com/optimizer-changelog OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 19:30:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 04:30:36 +0200 Subject: [SEC] [SA46240] OpenStack Compute (Nova) QCOW2 Security Bypass Security Issue Message-ID: <201110050230.p952Ual8024928@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: OpenStack Compute (Nova) QCOW2 Security Bypass Security Issue SECUNIA ADVISORY ID: SA46240 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46240/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46240 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46240/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46240/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46240 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in OpenStack Compute (Nova), which can be exploited by malicious users to bypass certain security restrictions. The security issue is caused due to insufficient restrictions for the base image file of QCOW2 images, which can be exploited to gain access to the host's file system via a malicious QCOW2 image. The security issue is reported in versions prior to 2011.3. SOLUTION: Update to version 2011.3. PROVIDED AND/OR DISCOVERED BY: Scott Moser ORIGINAL ADVISORY: https://bugs.launchpad.net/nova/+bug/853330 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 19:49:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 04:49:21 +0200 Subject: [SEC] [SA46275] Perl Crypt-DSA Module Insecure Random Number Generator Security Issue Message-ID: <201110050249.p952nLrr015093@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Perl Crypt-DSA Module Insecure Random Number Generator Security Issue SECUNIA ADVISORY ID: SA46275 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46275/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46275 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46275/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46275/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46275 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the Crypt-DSA module for Perl, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the module using a cryptographically insecure method to generate random numbers when "/dev/random" is not available, which can lead to cryptographically weak keys. Successful exploitation requires that "/dev/random" is not available (e.g. running on a Windows system). The security issue is reported in version 1.17. Other versions may also be affected. SOLUTION: Do not use on systems without "/dev/random". PROVIDED AND/OR DISCOVERED BY: Harlan Lieberman-Berg ORIGINAL ADVISORY: https://rt.cpan.org/Public/Bug/Display.html?id=71421 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 20:14:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 05:14:22 +0200 Subject: [SEC] [SA46305] WordPress Black-LetterHead Theme URL Cross-Site Scripting Vulnerability Message-ID: <201110050314.p953EMaS005579@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: WordPress Black-LetterHead Theme URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46305 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46305/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46305 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46305/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46305/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46305 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the Black-LetterHead theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after index.php (when the "s" POST parameter is set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.5. Prior versions may also be affected. SOLUTION: Update to version 1.7.1. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: Black-LetterHead: http://ulyssesonline.com/blackletterhead/2011/09/18/black-letterhead-1-7-1/ Sitewatch: https://sitewat.ch/en/Advisories/24 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 20:49:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 05:49:54 +0200 Subject: [SEC] [SA46282] Phorum "admin.php" Cross-Site Scripting Vulnerability Message-ID: <201110050349.p953nsaF029013@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Phorum "admin.php" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46282 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46282/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46282 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46282/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46282/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46282 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered a vulnerability in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after admin.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This may be related to: SA24396 The vulnerability is confirmed in version 5.2.18. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: SSCHADV2011-023: http://www.rul3z.de/advisories/SSCHADV2011-023.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 21:16:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 06:16:11 +0200 Subject: [SEC] [SA46273] Red Hat update for rpm Message-ID: <201110050416.p954GBd1019564@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Red Hat update for rpm SECUNIA ADVISORY ID: SA46273 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46273/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46273 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46273/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46273/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46273 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for rpm. This fixes some vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA46096 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1349-1: https://rhn.redhat.com/errata/RHSA-2011-1349.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 21:49:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 06:49:50 +0200 Subject: [SEC] [SA46301] WordPress RedLine Theme "s" Cross-Site Scripting Vulnerability Message-ID: <201110050449.p954noGJ010471@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: WordPress RedLine Theme "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46301 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46301/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46301 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46301/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46301/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46301 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the RedLine theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "s" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.70. Prior versions may also be affected. SOLUTION: Update to version 1.90. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: https://sitewat.ch/en/Advisories/22 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 4 22:18:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 07:18:14 +0200 Subject: [SEC] [SA46271] ezCourses Two Security Bypass Vulnerabilities Message-ID: <201110050518.p955IEYb001078@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: ezCourses Two Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA46271 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46271/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46271 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46271/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46271/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46271 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in ezCourses, which can be exploited by malicious people to bypass certain security restrictions. The vulnerabilities are caused due to the application not properly restricting access to the admin/add_admin.asp and admin/admin_db.asp scripts, which can be exploited to e.g. add an administrative user and edit an administrative user's profile. SOLUTION: Restrict access to the admin/add_admin.asp and admin/admin_db.asp scripts (e.g. via .htaccess). PROVIDED AND/OR DISCOVERED BY: J.O OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 10:50:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 19:50:54 +0200 Subject: [SEC] [SA46281] ServersCheck Monitoring Unspecified File Disclosure and Script Insertion Vulnerabilities Message-ID: <201110051750.p95HosKc017321@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: ServersCheck Monitoring Unspecified File Disclosure and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA46281 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46281/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46281 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46281/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46281/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46281 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in ServersCheck Monitoring, which can be exploited by malicious users to disclose sensitive information and conduct script insertion attacks. 1) Certain unspecified input is not properly verified before being used to download files. This can be exploited to download arbitrary files from local resources via directory traversal sequences. 2) Certain unspecified input is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 3) Certain unspecified input when setting up "SNMP TRAP Receiver Checks" is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in version 8.8.10. Prior versions may also be affected. SOLUTION: Update to version 8.8.11. PROVIDED AND/OR DISCOVERED BY: 1-2) Reported by the vendor 3) Benjamin Kunz Mejri ORIGINAL ADVISORY: ServersCheck: http://www.serverscheck.com/monitoring_software/release.asp Vulnerability Research Laboratory: http://www.vulnerability-lab.com/get_content.php?id=93 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 10:51:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 19:51:00 +0200 Subject: [SEC] [SA46150] ServersCheck Monitoring Multiple Vulnerabilities Message-ID: <201110051751.p95Hp0GU017472@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: ServersCheck Monitoring Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46150 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46150/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46150 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46150/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46150/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46150 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Benjamin Kunz Mejri has discovered multiple vulnerabilities in ServersCheck Monitoring, which can be exploited by malicious, local users and malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) The application's web interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. change the administrator's password and conduct script insertion attacks by tricking a logged in administrator into visiting a malicious web site. 2) Input passed via the "filterby" parameter to bulkedit.html, the "linenumber", "id", and "check" parameters to checks2def.html, the "fromdate" parameter to viewalerts.html, the "label" and "labelvisible" parameters to downtime.html, the "xml" parameter to timeline/timeline.html, the "device" parameter to devicegraphs.html, the "label" parameter to viewgraphs.html, the "xml" parameter to timeline_generate.html, the "linenumber" parameter to devicescan1.html, the "ItemList" parameter to reporting2.html, the "reportname" parameter to bandwidthreporting2.html, the "device" parameter to devicedetails.html, and the "gsm" parameter to smstest1.html is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "teamname" parameter to teamsedit.html, the "username" parameter to usersedit.html, the "accountdescription" and "windowsuser" parameters to windowsaccountsedit.html, the "account" parameter to msnsettings.html, the "newsetting0", "newsetting1", "newsetting2", and "newsetting3" parameters to enterprisesettings2.html, the "namevisible" parameter to checks3other.html, the "body" parameter to smssettings.html, and the "required_filename" parameter to addwizard3.html is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are confirmed in version 8.8.11. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. Do not browse untrusted websites or follow untrusted links while logged in to the application. PROVIDED AND/OR DISCOVERED BY: Benjamin Kunz Mejri ORIGINAL ADVISORY: Vulnerability Research Laboratory: http://www.vulnerability-lab.com/get_content.php?id=93 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 11:35:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 20:35:06 +0200 Subject: [SEC] [SA46316] WordPress YSlider Plugin "src" Arbitrary File Upload Message-ID: <201110051835.p95IZ6k8009275@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: WordPress YSlider Plugin "src" Arbitrary File Upload SECUNIA ADVISORY ID: SA46316 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46316/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46316 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46316/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46316/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46316 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the YSlider plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "src" parameter in wp-content/plugins/yslider/timthumb.php is not properly verified before being used to cache files. This can be exploited to upload and execute arbitrary PHP files. This may be related to vulnerability #1 in: SA45416 The vulnerability is reported in version 1.0. Prior versions may also be affected. SOLUTION: Update to version 1.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://wordpress.org/extend/plugins/yslider/changelog/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 12:35:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 21:35:10 +0200 Subject: [SEC] [SA46260] SRWare Iron Multiple Vulnerabilities Message-ID: <201110051935.p95JZAhf001506@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: SRWare Iron Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46260 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46260/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46260 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46260/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46260/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46260 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in SRWare Iron, where some have an unknown impact and others can be exploited by malicious people to conduct spoofing and cross-site scripting attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user's system. For more information: SA46049 SA46102 SOLUTION: Update to version 14.0.850.0. ORIGINAL ADVISORY: http://www.srware.net/forum/viewtopic.php?f=18&t=2659 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 13:35:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 22:35:36 +0200 Subject: [SEC] [SA46285] Ubuntu update for samba Message-ID: <201110052035.p95KZaI4026245@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Ubuntu update for samba SECUNIA ADVISORY ID: SA46285 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46285/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46285 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46285/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46285/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46285 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for samba. This fixes multiple security issues, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA38327 SA45371 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1226-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001438.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 14:27:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 23:27:44 +0200 Subject: [SEC] [SA46093] Cyrus IMAPd NTTP Authentication Bypass Logic Error Vulnerability Message-ID: <201110052127.p95LRiD2018112@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Cyrus IMAPd NTTP Authentication Bypass Logic Error Vulnerability SECUNIA ADVISORY ID: SA46093 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46093/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46093 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46093/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46093/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46093 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered a vulnerability in Cyrus IMAPd, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error within the authentication mechanism of the NNTP server, which can be exploited to bypass the authentication process and execute commands intended for authenticated users by sending an "AUTHINFO USER" command without a following "AUTHINFO PASS" command. The vulnerability is confirmed in version 2.4.10 and 2.4.11. Prior versions may also be affected. SOLUTION: Apply patch or update to version 2.4.12. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Stefan Cornelius, Secunia Research ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2011-68 Cyrus IMAPd: http://cyrusimap.org/mediawiki/index.php/Latest_Updates OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 14:49:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 5 Oct 2011 23:49:32 +0200 Subject: [SEC] [SA46277] Adobe Photoshop Elements Brush / Gradient File Parsing Buffer Overflow Message-ID: <201110052149.p95LnWuZ008429@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Adobe Photoshop Elements Brush / Gradient File Parsing Buffer Overflow SECUNIA ADVISORY ID: SA46277 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46277/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46277 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46277/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46277/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46277 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krstic has discovered a vulnerability in Adobe Photoshop Elements, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing certain structures within Brush (ABR) and Gradient (GRD) files. This can be exploited to cause a heap-based buffer overflow via a specially crafted ".abr" or ".grd" file. Successful exploitation allows execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerability is confirmed in version 8.0 20090905.r.605812 and reported by the vendor to affect versions 8.0 and earlier. SOLUTION: Upgrade to version 10. PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Lab. ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa11-03.html Zero Science Lab: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 15:15:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Oct 2011 00:15:11 +0200 Subject: [SEC] [SA46290] CF Image Hosting Script "q" Cross-Site Scripting Vulnerability Message-ID: <201110052215.p95MFB7U031377@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: CF Image Hosting Script "q" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46290 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46290/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46290 RELEASE DATE: 2011-10-05 DISCUSS ADVISORY: http://secunia.com/advisories/46290/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46290/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46290 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in CF Image Hosting Script, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "q" parameter to inc/tesmodrewite.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.4.1. Prior versions may also be affected. SOLUTION: Update to version 1.4.2. PROVIDED AND/OR DISCOVERED BY: Originally reported as File Disclosure by bd0rk. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 15:48:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Oct 2011 00:48:59 +0200 Subject: [SEC] [SA46308] Google Chrome Multiple Vulnerabilities Message-ID: <201110052248.p95Mmx5c022296@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46308 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46308/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46308 RELEASE DATE: 2011-10-06 DISCUSS ADVISORY: http://secunia.com/advisories/46308/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46308/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46308 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. 1) A use-after-free error exists in text line box handling. 2) An error in the SVG text handling can be exploited to reference a stale font. 3) An error exists within cross-origin access handling associated with a window prototype. 4) Some errors exist within audio node handling related to lifetime and threading. 5) A use-after-free error exists in the v8 bindings. 6) An error when handling v8 hidden objects can be exploited to corrupt memory. 7) An error in the shader translator can be exploited to corrupt memory. The vulnerabilities are reported in versions prior to 14.0.835.202. SOLUTION: Update to 14.0.835.202. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1, 2) miaubiz 3, 5, 6) Sergey Glazunov 4) Inferno, Google Chrome Security Team 7) Zhenyao Mo, Chromium development community ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.com/2011/10/stable-channel-update.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 16:15:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Oct 2011 01:15:45 +0200 Subject: [SEC] [SA46313] Ubuntu update for linux Message-ID: <201110052315.p95NFjX3012901@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA46313 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46313/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46313 RELEASE DATE: 2011-10-06 DISCUSS ADVISORY: http://secunia.com/advisories/46313/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46313/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46313 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes some vulnerabilities, which can be exploited by malicious, local users to cause a DoS and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA45695 SA44754 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1225-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001437.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 16:50:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Oct 2011 01:50:19 +0200 Subject: [SEC] [SA46241] VMware Workstation / Player / Fusion UDF Filesystem Handling Buffer Overflow Vulnerability Message-ID: <201110052350.p95NoJun003854@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: VMware Workstation / Player / Fusion UDF Filesystem Handling Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA46241 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46241/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46241 RELEASE DATE: 2011-10-06 DISCUSS ADVISORY: http://secunia.com/advisories/46241/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46241/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46241 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in some VMware products, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when handling UDF filesystem images. This can be exploited to cause a buffer overflow via a specially crafted ISO image file. Successful exploitation may allow execution of arbitrary code, but requires tricking a user into installing a system using a malicious file. The vulnerability is reported in the following products: * VMware Workstation 7.1.4 and earlier. * VMware Player 3.1.4 and earlier. * VMware Fusion 3.1.2 and earlier. SOLUTION: Update to version 7.1.5, 3.1.5, or 3.1.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person via SecuriTeam Secure Disclosure. ORIGINAL ADVISORY: http://www.vmware.com/security/advisories/VMSA-2011-0011.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 17:17:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Oct 2011 02:17:41 +0200 Subject: [SEC] [SA46284] Ubuntu update for cifs-utils Message-ID: <201110060017.p960Hf2a026892@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Ubuntu update for cifs-utils SECUNIA ADVISORY ID: SA46284 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46284/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46284 RELEASE DATE: 2011-10-06 DISCUSS ADVISORY: http://secunia.com/advisories/46284/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46284/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46284 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for cifs-utils. This fixes multiple security issues, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA45371 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1226-2: http://www.ubuntu.com/usn/usn-1226-2/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 17:50:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Oct 2011 02:50:25 +0200 Subject: [SEC] [SA46315] SUSE update for MozillaThunderbird Message-ID: <201110060050.p960oPG5017785@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaThunderbird SECUNIA ADVISORY ID: SA46315 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46315/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46315 RELEASE DATE: 2011-10-06 DISCUSS ADVISORY: http://secunia.com/advisories/46315/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46315/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46315 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaThunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA46205 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1076-2: http://lists.opensuse.org/opensuse-updates/2011-10/msg00002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 18:17:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Oct 2011 03:17:58 +0200 Subject: [SEC] [SA46250] QtWeb Browser Address Bar URL Spoofing Weakness Message-ID: <201110060117.p961HwrZ008390@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: QtWeb Browser Address Bar URL Spoofing Weakness SECUNIA ADVISORY ID: SA46250 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46250/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46250 RELEASE DATE: 2011-10-06 DISCUSS ADVISORY: http://secunia.com/advisories/46250/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46250/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46250 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Lostmon has discovered a weakness in QtWeb Browser, which can be exploited by malicious people to conduct spoofing attacks. The weakness is caused due to the application not displaying the URL of the requested location and can be exploited to display arbitrary content in a new window while showing a blank URL. The weakness is confirmed in version 3.7.3 (build 087). Other versions may also be affected. SOLUTION: Do not browse untrusted websites or follow untrusted links. PROVIDED AND/OR DISCOVERED BY: Lostmon ORIGINAL ADVISORY: http://lostmon.blogspot.com/2011/10/qtweb-internet-browser-url-weakness.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 5 18:52:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 6 Oct 2011 03:52:09 +0200 Subject: [SEC] [SA46277] Adobe Photoshop Elements Brush / Gradient File Parsing Buffer Overflow Message-ID: <201110060152.p961q9Qv031769@CRON-IX-2.intnet> ---------------------------------------------------------------------- The new Secunia Corporate Software Inspector (CSI) 5.0 Integrates with Microsoft WSUS & SCCM and supports Apple Mac OS X. Get a free trial now and qualify for a special discount: http://secunia.com/vulnerability_scanning/corporate/trial/ ---------------------------------------------------------------------- TITLE: Adobe Photoshop Elements Brush / Gradient File Parsing Buffer Overflow SECUNIA ADVISORY ID: SA46277 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46277/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46277 RELEASE DATE: 2011-10-06 DISCUSS ADVISORY: http://secunia.com/advisories/46277/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46277/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46277 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gjoko Krstic has discovered a vulnerability in Adobe Photoshop Elements, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing certain structures within Brush (ABR) and Gradient (GRD) files. This can be exploited to cause a heap-based buffer overflow via a specially crafted ".abr" or ".grd" file. Successful exploitation allows execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerability is confirmed in version 8.0 20090905.r.605812 and reported by the vendor to affect versions 8.0 and earlier. SOLUTION: Upgrade to version 10. PROVIDED AND/OR DISCOVERED BY: Gjoko Krstic, Zero Science Lab. ORIGINAL ADVISORY: Adobe: http://www.adobe.com/support/security/advisories/apsa11-03.html Zero Science Lab: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5049.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 10:37:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Oct 2011 19:37:54 +0200 Subject: [SEC] [SA46369] Comm100 Forum "dest" Redirection Weakness Message-ID: <201110111737.p9BHbsoK012175@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Comm100 Forum "dest" Redirection Weakness SECUNIA ADVISORY ID: SA46369 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46369/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46369 RELEASE DATE: 2011-10-11 DISCUSS ADVISORY: http://secunia.com/advisories/46369/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46369/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46369 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sony has discovered a weakness in Comm100 Forum, which can be exploited by malicious people to conduct spoofing attacks. Input passed via the "dest" parameter to Redirect.aspx is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. The weakness is confirmed in version 2.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Sony ORIGINAL ADVISORY: http://st2tea.blogspot.com/2011/10/forums-comm100-url-redirect.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 11:37:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Oct 2011 20:37:37 +0200 Subject: [SEC] [SA46350] IBM WebSphere ILOG Rule Team Server "project" Cross-Site Scripting Vulnerability Message-ID: <201110111837.p9BIbbTd004468@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM WebSphere ILOG Rule Team Server "project" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46350 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46350/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46350 RELEASE DATE: 2011-10-11 DISCUSS ADVISORY: http://secunia.com/advisories/46350/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46350/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46350 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere ILOG Rule Team Server, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "project" parameter to teamserver/faces/home.jsp is not properly sanitised in content/error.jsp before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 7.1.1. SOLUTION: Apply APAR RS00803. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg1RS00803 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 12:38:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Oct 2011 21:38:11 +0200 Subject: [SEC] [SA46404] Microsoft Windows Media Center Insecure Library Loading Vulnerability Message-ID: <201110111938.p9BJcB1N029235@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Media Center Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA46404 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46404/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46404 RELEASE DATE: 2011-10-11 DISCUSS ADVISORY: http://secunia.com/advisories/46404/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46404/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46404 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the Windows Media Center loading libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a certain file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-076 (KB2579686, KB2579692): http://technet.microsoft.com/en-us/security/bulletin/ms11-076 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 13:36:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Oct 2011 22:36:04 +0200 Subject: [SEC] [SA46400] Microsoft Internet Explorer Multiple Vulnerabilities Message-ID: <201110112036.p9BKa4Jn021437@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft Internet Explorer Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46400 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46400/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46400 RELEASE DATE: 2011-10-11 DISCUSS ADVISORY: http://secunia.com/advisories/46400/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46400/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46400 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Internet Explorer, which can be exploited by malicious people to compromise a user's system. 1) A use-after-free error when handling the Scroll event can be exploited to dereference an already freed object. 2) An error within OLEAuto32.dll when accessing an uninitialised object can be exploited to corrupt memory. 3) A use-after-free error when handling the Option element can be exploited to dereference an already freed object. NOTE: This vulnerability does not affect Internet Explorer 9. 4) A use-after-free error when handling the OnLoad event can be exploited to dereference an already freed object. NOTE: This vulnerability only affects Internet Explorer 6. 5) An error within Jscript9.dll when accessing an uninitialised object can be exploited to corrupt memory. NOTE: This vulnerability only affects Internet Explorer 9. 6) An error when handling the Select element when accessing an uninitialised object can be exploited to corrupt memory. NOTE: This vulnerability only affects Internet Explorer 8. 7) A use-after-free error when handling the Body element can be exploited to dereference an already freed object. 8) An error when handling certain objects can be exploited to corrupt the virtual function table. Successful exploitation of the vulnerabilities allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Vishwas Sharma, McAfee Labs. 2, 5) David Bloom, Greplin. 3, 6) Ivan Fratric via ZDI. 4) GWSlabs via iDefense. 7) Sebastian Apelt via ZDI. 8) An anonymous person via ZDI. ORIGINAL ADVISORY: MS11-081 (KB2586448): http://technet.microsoft.com/en-us/security/bulletin/ms11-081 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 14:29:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Oct 2011 23:29:34 +0200 Subject: [SEC] [SA46406] Microsoft .NET Framework / Silverlight Class Inheritance Restriction Vulnerability Message-ID: <201110112129.p9BLTYs4013420@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft .NET Framework / Silverlight Class Inheritance Restriction Vulnerability SECUNIA ADVISORY ID: SA46406 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46406/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46406 RELEASE DATE: 2011-10-11 DISCUSS ADVISORY: http://secunia.com/advisories/46406/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46406/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46406 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft .NET Framework and Microsoft Silverlight, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when restricting inheritance within classes and can be exploited via a specially crafted web page. Successful exploitation allows execution of arbitrary code, but requires a browser that can run XAML Browser Applications (XBAPs) or Silverlight applications. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits an anonymous person via SecuriTeam Secure Disclosure program. ORIGINAL ADVISORY: MS11-078 (KB2572066, KB2572067, KB2572069, KB2572073, KB2572075, KB2572076, KB2572077, KB2572078, KB2617986): http://technet.microsoft.com/en-us/security/bulletin/ms11-078 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 14:50:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 11 Oct 2011 23:50:04 +0200 Subject: [SEC] [SA46405] Microsoft Windows win32k.sys Driver Multiple Vulnerabilities Message-ID: <201110112150.p9BLo4Wp003698@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft Windows win32k.sys Driver Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46405 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46405/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46405 RELEASE DATE: 2011-10-11 DISCUSS ADVISORY: http://secunia.com/advisories/46405/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46405/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46405 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service) and compromise a user's system. 1) A NULL-pointer dereference error in the win32k.sys driver can be exploited to execute arbitrary code in kernel mode. 2) An error in the win32k.sys driver when performing type translation can be exploited to cause a system hang via a specially crafted TrueType font file. 3) An error in the win32k.sys driver when handling certain font files can be exploited to cause a buffer overflow via a specially crafted ".fon" font file. 4) A use-after-free error in the win32k.sys driver when handling certain driver objects can be exploited to execute arbitrary code in kernel mode. Successful exploitation of vulnerabilities #1, #3, and #4 allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 4) Reported by the vendor. The vendor also credits the following people: 1) Andrei Lutas, BitDefender and Tarjei Mandt, Norman. 2) Maik Wellmann. 3) Will Dorman, CERT/CC. ORIGINAL ADVISORY: MS11-077 (KB2567053): http://technet.microsoft.com/en-us/security/bulletin/ms11-077 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 15:15:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 00:15:30 +0200 Subject: [SEC] [SA46399] Microsoft Host Integration Server Two Denial of Service Vulnerabilities Message-ID: <201110112215.p9BMFUjC026680@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft Host Integration Server Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46399 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46399/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46399 RELEASE DATE: 2011-10-11 DISCUSS ADVISORY: http://secunia.com/advisories/46399/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46399/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46399 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Microsoft Host Integration Server, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An input validation error when processing certain requests can be exploited to trigger an infinite loop and cause the snabase.exe, snaserver.exe, snalink.exe, or mngagent.exe process to stop responding via specially crafted requests sent to UDP port 1478 or TCP ports 1477 and 1478. 2) An input validation error when processing certain requests can be exploited to corrupt memory and cause the snabase.exe, snaserver.exe, snalink.exe, or mngagent.exe process to stop responding via specially crafted requests sent to UDP port 1478 or TCP ports 1477 and 1478. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MS11-082 (KB2607670, KB2578757, KB2579597, KB2579598, KB2579599): http://technet.microsoft.com/en-us/security/bulletin/ms11-082 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 15:49:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 00:49:44 +0200 Subject: [SEC] [SA46403] Microsoft Windows Active Accessibility Insecure Library Loading Vulnerability Message-ID: <201110112249.p9BMniYN017690@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Active Accessibility Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA46403 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46403/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46403 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46403/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46403/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46403 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the Microsoft Active Accessibility component loading libraries in an insecure manner. This can be exploited to load arbitrary libraries by tricking a user into opening a file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Mila Parkour, Contagio and Anshul Kothari and Nishant Kaushik, Adobe Systems, Inc. ORIGINAL ADVISORY: MS11-075 (KB2564958): http://technet.microsoft.com/en-us/security/bulletin/ms11-075 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 16:15:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 01:15:05 +0200 Subject: [SEC] [SA46401] Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability Message-ID: <201110112315.p9BNF540008240@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft Windows Ancillary Function Driver Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA46401 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46401/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46401 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46401/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46401/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46401 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Microsoft Windows, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an input validation error in the Ancillary Function Driver (afd.sys) when passing data from user mode to the kernel. This can be exploited to execute arbitrary code in kernel mode via a specially crafted application. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Bo Zhou, National University of Defense Technology. ORIGINAL ADVISORY: MS11-080 (KB2592799): http://technet.microsoft.com/en-us/security/bulletin/ms11-080 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 16:53:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 01:53:49 +0200 Subject: [SEC] [SA46402] Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities Message-ID: <201110112353.p9BNrnGI031872@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46402 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46402/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46402 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46402/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46402/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46402 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Microsoft Forefront Unified Access Gateway, which can be exploited by malicious people to conduct cross-site scripting and HTTP response splitting attacks, cause a DoS (Denial of Service), and compromise a user's system. 1) Certain unspecified input related to ExcelTables is not properly sanitised before being returned to the user. This can be exploited to insert arbitrary HTTP headers, which will be included in a response sent to the user. 2) Certain unspecified input related to ExcelTables is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) An unspecified error exists within the MicrosoftClient.jar Java applet, which can be exploited to download and install a malicious JAR file on client systems. Successful exploitation of this vulnerability allows execution of arbitrary code in context of a client using the gateway. 5) An error when handling session cookies with a NULL value can be exploited to stop the IIS worker process and disrupt Web services. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1 - 3) The vendor credits Tenable Network Security. 4, 5) Reported by the vendor. ORIGINAL ADVISORY: MS11-079 (KB2544641, KB2522482, KB2522483, KB2522484, KB2522485): http://technet.microsoft.com/en-us/security/bulletin/ms11-079 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 17:34:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 02:34:45 +0200 Subject: [SEC] [SA46355] Ubuntu update for linux Message-ID: <201110120034.p9C0YjYh012036@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA46355 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46355/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46355 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46355/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46355/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46355 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA44754 SA45420 SA45533 SA45695 SA46251 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1227-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001442.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 17:34:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 02:34:45 +0200 Subject: [SEC] [SA46398] WordPress Ninja Announcements Plugin "[ninja_annc]" Shortcode SQL Injection Message-ID: <201110120034.p9C0YjB0012024@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Ninja Announcements Plugin "[ninja_annc]" Shortcode SQL Injection SECUNIA ADVISORY ID: SA46398 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46398/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46398 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46398/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46398/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46398 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Ninja Announcements plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "id" attribute of the "[ninja_annc]" shortcode when creating posts is not properly sanitised in wp-content/plugins/ninja-announcements/ninja_annc.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires the "Author" role. The vulnerability is confirmed in version 1.2.3. Prior versions may also be affected. SOLUTION: Update to version 1.3 or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Ninja Announcements: http://wordpress.org/extend/plugins/ninja-announcements/changelog/ http://plugins.trac.wordpress.org/changeset/389179/ninja-announcements/trunk/ninja_annc.php?old=387277&old_path=ninja-announcements%2Ftrunk%2Fninja_annc.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 11 18:02:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 03:02:05 +0200 Subject: [SEC] [SA46355] Ubuntu update for linux Message-ID: <201110120102.p9C125ZX003122@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA46355 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46355/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46355 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46355/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46355/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46355 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA44754 SA45420 SA45533 SA45695 SA46251 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1227-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001442.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 10:36:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 19:36:06 +0200 Subject: [SEC] [SA46371] SUSE update for libqt4 Message-ID: <201110121736.p9CHa6vC011039@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for libqt4 SECUNIA ADVISORY ID: SA46371 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46371/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46371 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46371/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46371/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46371 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libqt4. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA41537 SA46140 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1119-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00007.html openSUSE-SU-2011:1120-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00008.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 11:36:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 20:36:09 +0200 Subject: [SEC] [SA46390] SilverStripe URL Cross-Site Scripting Vulnerability Message-ID: <201110121836.p9CIa9eV003349@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SilverStripe URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46390 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46390/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46390 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46390/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46390/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46390 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in SilverStripe, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL via e.g. admin/reports/ is not properly sanitised in the "process()" function in sapphire/core/SSViewer.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that the victim uses a browser that does not URL-encode the request (e.g. Internet Explorer 6). The vulnerability is confirmed in version 2.4.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: SSCHADV2011-024: http://www.rul3z.de/advisories/SSCHADV2011-024.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 12:35:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 21:35:22 +0200 Subject: [SEC] [SA46381] ManageEngine ADSelfService Plus Security Bypass Vulnerability Message-ID: <201110121935.p9CJZMho028032@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: ManageEngine ADSelfService Plus Security Bypass Vulnerability SECUNIA ADVISORY ID: SA46381 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46381/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46381 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46381/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46381/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46381 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Roberto Paleari has reported a vulnerability in ManageEngine ADSelfService Plus, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to the j_security_check script not properly verifying certain requests. This can be exploited to bypass the authentication mechanism and gain administrative access via specially crafted requests. The vulnerability is reported in version 4.5 Build 4521. Prior versions may also be affected. SOLUTION: Update to version 4.5 Build 4522. PROVIDED AND/OR DISCOVERED BY: Roberto Paleari, Emaze Networks S.p.A ORIGINAL ADVISORY: ADSelfService Plus: http://forums.manageengine.com/topic/adselfservice-plus-fixes-and-enhancements Emaze: http://blog.emaze.net/2011/10/zoho-manageengine-adselfservice-plus.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 13:35:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 22:35:38 +0200 Subject: [SEC] [SA46422] WordPress Light Post Plugin "abspath" File Inclusion Vulnerability Message-ID: <201110122035.p9CKZc4B020358@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Light Post Plugin "abspath" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA46422 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46422/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46422 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46422/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46422/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46422 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Light Post plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "abspath" parameter to wp-content/plugins/light-post/wp-light-post.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. The vulnerability is confirmed in version 1.4. Prior versions may also be affected. SOLUTION: Update to version 1.5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Light Post: http://wordpress.org/extend/plugins/light-post/changelog/ http://plugins.trac.wordpress.org/changeset/437217/light-post/trunk/wp-light-post.php?old=416259&old_path=light-post%2Ftrunk%2Fwp-light-post.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 14:31:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 12 Oct 2011 23:31:34 +0200 Subject: [SEC] [SA46407] SUSE update for tomcat5 Message-ID: <201110122131.p9CLVYau012469@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for tomcat5 SECUNIA ADVISORY ID: SA46407 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46407/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46407 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46407/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46407/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46407 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for tomcat5. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information and bypass certain security restrictions. For more information: SA45748 SOLUTION: Apply updated packages via YaST Online Update or the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1117-1: https://hermes.opensuse.org/messages/12057660 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 15:02:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 00:02:23 +0200 Subject: [SEC] [SA46410] SUSE update for Qt Message-ID: <201110122202.p9CM2NWo003269@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for Qt SECUNIA ADVISORY ID: SA46410 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46410/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46410 RELEASE DATE: 2011-10-12 DISCUSS ADVISORY: http://secunia.com/advisories/46410/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46410/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46410 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for Qt. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA40389 SA41537 SA46140 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1113-1: https://hermes.opensuse.org/messages/12056605 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 15:28:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 00:28:09 +0200 Subject: [SEC] [SA46357] Google App Engine SDK for Python Cross-Site Request Forgery Vulnerability Message-ID: <201110122228.p9CMS9bi026259@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Google App Engine SDK for Python Cross-Site Request Forgery Vulnerability SECUNIA ADVISORY ID: SA46357 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46357/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46357 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46357/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46357/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46357 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Google App Engine SDK for Python, which can be exploited by malicious people to conduct cross-site request forgery attacks. The vulnerability is caused due to the application allowing users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. execute arbitrary Python code if a user visits a specially crafted web page. The vulnerability is reported in version 1.5.3. Prior versions may also be affected. SOLUTION: Update to version 1.5.4. PROVIDED AND/OR DISCOVERED BY: Adi Sharabani, IBM ORIGINAL ADVISORY: http://blog.watchfire.com/files/googleappenginesdk.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 15:50:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 00:50:05 +0200 Subject: [SEC] [SA46411] Hitachi JP1/Cm2/Network Node Manager Unspecified Vulnerabilities Message-ID: <201110122250.p9CMo5Mo016624@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Hitachi JP1/Cm2/Network Node Manager Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA46411 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46411/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46411 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46411/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46411/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46411 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Hitachi JP1/Cm2/Network Node Manager, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a vulnerable system. The vulnerabilities are caused due to unspecified errors. No further information is currently available. Successful exploitation may allow execution of arbitrary code. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply fixes (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Hitachi (HS11-023): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS11-023/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 16:15:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 01:15:02 +0200 Subject: [SEC] [SA46370] BlackBerry Enterprise Server Instant Messaging User Impersonation Vulnerability Message-ID: <201110122315.p9CNF2hN007159@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: BlackBerry Enterprise Server Instant Messaging User Impersonation Vulnerability SECUNIA ADVISORY ID: SA46370 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46370/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46370 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46370/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46370/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46370 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BlackBerry Enterprise Server, which can be exploited by malicious users to impersonate other users. The vulnerability is caused due to an error within the authentication mechanism of the BlackBerry Collaboration Service component. This can be exploited to log into the BlackBerry Collaboration Service via a BlackBerry device as another legitimate user and e.g. send messages as the user, receive messages sent to the user, and access the user's enterprise instant messaging contact list. The vulnerability is reported in the following versions: * BlackBerry Enterprise Server for Microsoft Exchange versions 5.0.3 through 5.0.3 MR4. * BlackBerry Enterprise Server for IBM Lotus Domino versions 5.0.3 through 5.0.3 MR4. SOLUTION: Apply Interim Security Software Update for October 11, 2011. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.blackberry.com/btsc/KB28524 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 16:50:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 01:50:14 +0200 Subject: [SEC] [SA46339] Apple iTunes Multiple Vulnerabilities Message-ID: <201110122350.p9CNoERJ030612@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple iTunes Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46339 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46339/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46339 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46339/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46339/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46339 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has reported multiple vulnerabilities in Apple iTunes, which can be exploited by malicious people to disclose sensitive information, manipulate certain data, conduct cross-site scripting and spoofing attacks, bypass certain security restrictions, and compromise a user's system. Multiple vulnerabilities exist within the WebKit and ColorSync components. For more information: SA44375 (#8) SA45097 (#2) SA45325 SA45498 SA45698 (#2) SA46049 (#11) SA46171 (#6) 1) An error in the CoreFoundation component when handling string tokenization can be exploited to corrupt memory via a MitM (Man-in-the-Middle) attack. 2) An error in the CoreAudio component when handling Advanced Audio Coding (AAC) streams can be exploited to cause a buffer overflow. NOTE: Vulnerabilities #1 and #2 do not affect the application on OS X Lion systems. 3) An error in the CoreMedia component when handling H.264 encoded movie files can be exploited to cause a buffer overflow. 4) Some errors in the WebKit component when using the AddressSanitizer can be exploited to corrupt memory. 5) Multiple unspecified errors in the WebKit component can be exploited to corrupt memory. Successful exploitation of vulnerabilities #1 through #5 may allow execution of arbitrary code. SOLUTION: Update to version 10.5. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. The vendor also credits: 2) Luigi Auriemma via ZDI. 3) Damian Put via ZDI. 4) Cris Neckar, Adam Barth, and Abhishek Arya (Inferno), Google Chrome Security Team. The vendor provides a bundled list of credits for vulnerabilities in #5: * Cris Neckar, Google Chrome Security Team * Abhishek Arya (Inferno), Google Chrome Security Team * SkyLined, Google Chrome Security Team * Raman Tenneti and Philip Rogers, Google * Sadrul Habib Chowdhury, Chromium development community * Cris Neckar and Abhishek Arya (Inferno), Google Chrome Security Team * Dimitri Glazkov, Kent Tamura, Dominic Cooney, Chromium development community * Martin Barbella * Slawomir Blazek * vkouchna ORIGINAL ADVISORY: http://support.apple.com/kb/HT4981 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 17:18:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 02:18:58 +0200 Subject: [SEC] [SA46354] POSH Cross-Site Scripting and File Inclusion Vulnerabilities Message-ID: <201110130018.p9D0Iwf9021343@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: POSH Cross-Site Scripting and File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA46354 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46354/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46354 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46354/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46354/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46354 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in POSH, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to conduct cross-site scripting attacks. 1) Input passed to the "lang" parameter in portal/scr_changelang.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. 2) Input passed to the "message" parameter in portal/login.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are confirmed in version 3.1.1. Prior versions may also be affected. SOLUTION: Update to version 3.1.2. PROVIDED AND/OR DISCOVERED BY: CrashFr ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17959/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 17:50:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 02:50:33 +0200 Subject: [SEC] [SA46383] Red Hat update for kdelibs Message-ID: <201110130050.p9D0oXAY012186@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for kdelibs SECUNIA ADVISORY ID: SA46383 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46383/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46383 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46383/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46383/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46383 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for kdelibs. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA46157 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1364-01: https://rhn.redhat.com/errata/RHSA-2011-1364.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 18:16:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 03:16:59 +0200 Subject: [SEC] [SA46396] Contao URL "getPageIdFromURL()" Cross-Site Scripting Vulnerability Message-ID: <201110130116.p9D1Gx4H002777@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Contao URL "getPageIdFromURL()" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46396 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46396/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46396 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46396/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46396/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46396 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered a vulnerability in Contao, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain input passed to the URL after index.php to the frontend is not properly sanitised in the "getPageIdFromURL()" function in system/modules/frontend/Frontend.php before being returned to the user when the automatic URL construction feature is used (e.g. "Article Teaser"). This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.10.1. Prior versions may also be affected. SOLUTION: Update to version 2.10.2. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: SSCHADV2011-025: http://www.rul3z.de/advisories/SSCHADV2011-025.txt Contao Changelog: http://www.contao.org/changelog.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 18:49:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 03:49:24 +0200 Subject: [SEC] [SA46360] MyBB MyStatus Plugin "statid" SQL Injection Vulnerability Message-ID: <201110130149.p9D1nOmb026113@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: MyBB MyStatus Plugin "statid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46360 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46360/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46360 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46360/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46360/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46360 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the MyStatus plugin for MyBB, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "statid" parameter to process-mystatus.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 3.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Mario_Vs OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 19:18:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 04:18:05 +0200 Subject: [SEC] [SA46358] Gentoo update for php Message-ID: <201110130218.p9D2I5Xp017305@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for php SECUNIA ADVISORY ID: SA46358 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46358/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46358 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46358/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46358/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46358 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for php. This fixes multiple vulnerabilities, where some have unknown impacts and others can be exploited by malicious users to bypass certain security restrictions and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA36791 SA38708 SA39573 SA39675 SA41081 SA41506 SA41724 SA42843 SA43328 SA43929 SA44874 SA45678 SOLUTION: Update to version "dev-lang/php-5.3.8" or later. ORIGINAL ADVISORY: GLSA 201110-06: http://security.gentoo.org/glsa/glsa-201110-06.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 19:50:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 04:50:19 +0200 Subject: [SEC] [SA46352] MyBB Advanced Forum Signatures Plugin Multiple SQL Injection Vulnerabilities Message-ID: <201110130250.p9D2oJrj008193@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: MyBB Advanced Forum Signatures Plugin Multiple SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46352 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46352/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46352 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46352/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46352/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46352 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in the Advanced Forum Signatures plugin for MyBB, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the "afs_type", "afs_background", "afs_showonline", "afs_bar_left", "afs_bar_center", "afs_bar_right", and "afs_full_line1" through "afs_full_line6" parameters in signature.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 2.0.4. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Mario_Vs ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17961/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 20:16:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 05:16:56 +0200 Subject: [SEC] [SA46359] Gentoo update for gnutls Message-ID: <201110130316.p9D3GuHp031216@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for gnutls SECUNIA ADVISORY ID: SA46359 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46359/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46359 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46359/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46359/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46359 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for gnutls. This fixes multiple vulnerabilities, which can be exploited by malicious people to manipulate certain data and conduct spoofing attacks. For more information: SA36266 SA37292 SOLUTION: Update to version "net-libs/gnutls-2.10.0" or later. ORIGINAL ADVISORY: GLSA 201110-05: http://security.gentoo.org/glsa/glsa-201110-05.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 20:51:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 05:51:04 +0200 Subject: [SEC] [SA46364] Gentoo update for bugzilla Message-ID: <201110130351.p9D3p4gh022222@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for bugzilla SECUNIA ADVISORY ID: SA46364 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46364/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46364 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46364/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46364/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46364 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for bugzilla. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain access to potentially sensitive information, by malicious users to disclose potentially sensitive information, bypass certain security restrictions, conduct script insertion and spoofing attacks, and by malicious people to conduct HTTP response splitting, cross-site scripting and forgery attacks, and bypass certain security restrictions. For more information: SA42071 SA43033 SA45501 SOLUTION: Update to version "www-apps/bugzilla-3.6.6" or later. ORIGINAL ADVISORY: GLSA 201110-03: http://www.gentoo.org/security/en/glsa/glsa-201110-03.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 21:17:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 06:17:03 +0200 Subject: [SEC] [SA46340] AUTOMGEN Project File Processing Use-After-Free Vulnerability Message-ID: <201110130417.p9D4H3RX012801@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: AUTOMGEN Project File Processing Use-After-Free Vulnerability SECUNIA ADVISORY ID: SA46340 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46340/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46340 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46340/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46340/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46340 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in AUTOMGEN, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a use-after-free error when processing Project files and can be exploited to reference freed memory as a function pointer via a specially crafted ".agn" file. Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerability is confirmed in version 8.18. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/automgen_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 21:51:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 06:51:12 +0200 Subject: [SEC] [SA46348] Geeklog BBcode Script Insertion Vulnerabilities Message-ID: <201110130451.p9D4pCjn003765@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Geeklog BBcode Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA46348 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46348/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46348 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46348/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46348/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46348 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Geeklog, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "[code]" and "[raw]" BBcode tags when creating stories is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious story is being viewed. The vulnerabilities are reported in versions prior to 1.8.1. SOLUTION: Update to version 1.8.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Geeklog: http://www.geeklog.net/article.php/geeklog-1.8.1#trackback http://project.geeklog.net/tracking/view.php?id=1368 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 12 22:15:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 07:15:36 +0200 Subject: [SEC] [SA46337] Phorum "phorum_admin_token" Cross-Site Scripting Vulnerability Message-ID: <201110130515.p9D5FaJw026680@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Phorum "phorum_admin_token" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46337 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46337/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46337 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46337/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46337/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46337 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Phorum, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "phorum_admin_token" parameter to admin.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 5.2.17. Prior versions may also be affected. SOLUTION: Update to version 5.2.18. PROVIDED AND/OR DISCOVERED BY: The vendor credits Paul Davis. ORIGINAL ADVISORY: http://www.phorum.org/phorum5/read.php?64,149588 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 10:38:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 19:38:50 +0200 Subject: [SEC] [SA46380] D-Link DIR-685 Xtreme N Storage Router Encryption Failure Weakness Message-ID: <201110131738.p9DHcoY7021317@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: D-Link DIR-685 Xtreme N Storage Router Encryption Failure Weakness SECUNIA ADVISORY ID: SA46380 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46380/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46380 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46380/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46380/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46380 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in D-Link DIR-685 Xtreme N Storage Router, which can be exploited by malicious people to bypass certain security restrictions. The weakness is caused due to an error in the router when configured with WPA/WPA2 and an AES pre-shared key (PSK) cipher. This can lead to the router failing to an unencrypted connection under certain circumstances. SOLUTION: Do not use an AES pre-shared key (PSK) cipher. PROVIDED AND/OR DISCOVERED BY: Jerry Decime via US-CERT. ORIGINAL ADVISORY: US-CERT: http://www.kb.cert.org/vuls/id/924307 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 11:37:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 20:37:10 +0200 Subject: [SEC] [SA46432] WordPress Pretty Link Plugin Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201110131837.p9DIbA0Q013538@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Pretty Link Plugin Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA46432 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46432/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46432 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46432/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46432/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46432 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in the Pretty Link plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "min_date" parameter to wp-content/plugins/pretty-link/classes/views/prli-clicks/head.php, the "message" parameter to wp-content/plugins/pretty-link/classes/views/prli-dashboard-widget/widget.php, the "errors[]" parameter to wp-content/plugins/pretty-link/classes/views/shared/errors.php, and the "page_first_record", "page_last_record", "record_count", "controller_file", and "page_params" parameters to wp-content/plugins/pretty-link/classes/views/shared/table-nav.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via various parameters to wp-content/plugins/pretty-link/classes/views/prli-links/form.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Examples: http://[host]/wp-content/plugins/pretty-link/classes/views/prli-links/form.php?prli_blogurl=[script] http://[host]/wp-content/plugins/pretty-link/classes/views/prli-links/form.php?values[slug]=[script] http://[host]/wp-content/plugins/pretty-link/classes/views/prli-links/form.php?values[redirect_type][307]=[script] Successful exploitation requires that "register_globals" is enabled. The vulnerabilities are confirmed in version 1.4.56. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_pretty_link_wordpress_plugin.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 12:36:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 21:36:13 +0200 Subject: [SEC] [SA46414] IBM OS/400 HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness Message-ID: <201110131936.p9DJaDeh005783@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM OS/400 HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness SECUNIA ADVISORY ID: SA46414 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46414/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46414 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46414/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46414/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46414 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: IBM has acknowledged a weakness in OS/400, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA46288 The weakness is reported in versions V6R1M0, V5R4M0, and V5R5M0. SOLUTION: Apply APAR SE49723 or SE49724. ORIGINAL ADVISORY: SE49723: http://www-01.ibm.com/support/docview.wss?uid=nas2064c7e5f53452ff686257927003c8d42 SE49724: http://www-01.ibm.com/support/docview.wss?uid=nas2b7c57b1f1035675186257927003c8d48 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 13:37:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 22:37:00 +0200 Subject: [SEC] [SA46436] WordPress teachPress Plugin "root" Two Local File Inclusion Vulnerabilities Message-ID: <201110132037.p9DKb0ji030585@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress teachPress Plugin "root" Two Local File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA46436 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46436/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46436 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46436/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46436/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46436 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in the teachPress plugin for WordPress, which can be exploited by malicious people to disclose potentially sensitive information. 1) Input passed via the "root" parameter to wp-content/plugins/teachpress/feed.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. 2) Input passed via the "root" parameter to wp-content/plugins/teachpress/export.php (when "lvs_ID" and "type" are set) is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. Successful exploitation requires that "register_globals" is enabled and "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 2.3.2. Prior versions may also be affected. SOLUTION: Update to version 2.3.3. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: teachPress: http://plugins.trac.wordpress.org/changeset/405672/teachpress/trunk/feed.php?old=340149&old_path=teachpress%2Ftrunk%2Ffeed.php http://plugins.trac.wordpress.org/changeset/405672/teachpress/trunk/export.php?old=340149&old_path=teachpress%2Ftrunk%2Fexport.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 14:53:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 13 Oct 2011 23:53:23 +0200 Subject: [SEC] [SA46415] Apple TV Multiple Vulnerabilities Message-ID: <201110132153.p9DLrNO3006206@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple TV Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46415 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46415/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46415 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46415/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46415/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46415 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has acknowledged multiple vulnerabilities in Apple TV, which can be exploited by malicious people to disclose certain information, conduct spoofing attacks, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a user's device. For more information: SA46377 SOLUTION: Update to Apple TV Software version 4.4. ORIGINAL ADVISORY: http://support.apple.com/kb/HT5001/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 15:28:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 00:28:55 +0200 Subject: [SEC] [SA46416] DAEMON Tools Unspecified Denial of Service Vulnerability Message-ID: <201110132228.p9DMStjp010366@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: DAEMON Tools Unspecified Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46416 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46416/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46416 RELEASE DATE: 2011-10-13 DISCUSS ADVISORY: http://secunia.com/advisories/46416/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46416/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46416 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in DAEMON Tools, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error and can be exploited to cause a system to crash. The vulnerability is reported in versions prior to 4.41.0315. SOLUTION: Update to version 4.41.0315. PROVIDED AND/OR DISCOVERED BY: JVN credits Satoshi Tanda, Fourteenforty Research Institute Inc. ORIGINAL ADVISORY: JVN: http://jvn.jp/en/jp/JVN07414354/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000085.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 15:52:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 00:52:04 +0200 Subject: [SEC] [SA46397] VMware ESX / ESXi Server Multiple Vulnerabilities Message-ID: <201110132252.p9DMq4Eb000751@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: VMware ESX / ESXi Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46397 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46397/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46397 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46397/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46397/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46397 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged multiple vulnerabilities in VMware ESX and ESXi Server, which can be exploited by malicious, local users to disclose system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people with physical access to potentially compromise a vulnerable system and cause a DoS (Denial of Service), and by malicious people to disclose potentially sensitive information, conduct spoofing attacks, bypass certain security features, and cause a DoS (Denial of Service). 1) Multiple vulnerabilities exist in the Service Console kernel. For more information: SA27555 SA28696 SA35093 SA38499 SA38601 SA39080 SA39490 SA40205 SA41002 SA41245 SA41284 SA41440 SA41493 SA41650 SA42035 SA42061 SA42126 SA42128 SA42187 SA42354 SA42372 SA42395 SA42422 SA42570 SA43009 SA43594 2) Multiple vulnerabilities exist in Kerberos (krb5-libs and krb5-workstation). For more information: SA42396 SA43260 3) Multiple vulnerabilities exist in the GNU C Library. For more information: SA43492 SA43976 SA44353 4) Some errors in the mptsas, mpt2sas, and mptspi drivers can be exploited to corrupt memory. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: VMware (VMSA-2011-0012): http://www.vmware.com/security/advisories/VMSA-2011-0012.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 16:17:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 01:17:22 +0200 Subject: [SEC] [SA46377] Apple iOS Multiple Vulnerabilities Message-ID: <201110132317.p9DNHMFR023760@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple iOS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46377 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46377/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46377 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46377/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46377/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46377 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious people with physical access to disclose certain information and by malicious people to conduct script insertion, cross-site scripting, and spoofing attacks, disclose sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and compromise a user's device. 1) An error within the CalDAV component does not properly validate the SSL certificate when synchronizing the calendar, which can be exploited to disclose encrypted information e.g. using a Man-in-the-Middle (MitM) attack. 2) Input passed via invitation notes is not properly sanitised in Calendar before being returned to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious invitation is being viewed. 3) The CFNetwork component stores a user's AppleID password and username in the log file readable by applications, which can be exploited to disclose the credentials. 4) The CFNetwork component does not properly restrict cross-domain access of HTTP cookies, which can be exploited to access the cookies of another web site. 5) An error exists within CoreFoundation when handling string tokenization. For more information see vulnerability #1 in: SA46339 6) Multiple errors within CoreGraphics when handling the certain freetype fonts can be exploited to corrupt memory. 7) An error within CoreMedia does not properly handle cross-site redirects and can be exploited to disclose video data. 8) An error exits within the Data Access component when handling multiple accounts configured on the same server and can be exploited to disclose the cookie of another account. 9) The application accepts X.509 certificates with MD5 hashes, which could lead to weak cryptographic certificates being used. This can be exploited to disclose encrypted information e.g. using a Man-in-the-Middle (MitM) attack. 10) A design error exists within the implementation of SSL 3.0 and TLS 1.0 protocols. For more information: SA46168 11) An error within ImageIO when handling CCITT Group 4 encoded TIFF files can be exploited to cause a buffer overflow. For more information see vulnerability #1 in: SA43593 12) An error in ImageIO within the handling of CCITT Group 4 encoded TIFF image files can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #9 in: SA45325 13) An error within ICU (International Components for Unicode) can be exploited to cause a buffer overflow. For more information see vulnerability #11 in: SA45054 14) An error within the kernel does not reclaim memory from incomplete TCP connections, which can be exploited to exhaust system resources by connecting to a listening service and cause the device to reset. 15) A NULL-pointer dereference error within the kernel when handling IPv6 socket options can be exploited to cause the device to reset. 16) An error within libxml can be exploited to cause a heap-based buffer overflow. For more information see vulnerability #12 in: SA45325 17) An error within OfficeImport when viewing certain Microsoft Word files can be exploited to cause a buffer overflow. 18) An error within OfficeImport when viewing certain Microsoft Excel files can be exploited to cause a buffer overflow. 19) An indexing error exists in the OfficeImport framework when processing certain records in a Microsoft Word file. For more information see vulnerability #19 in: SA45054 20) An error in the OfficeImport framework when processing records can be exploited to corrupt memory. For more information see vulnerability #28 in: SA43814 21) An error within Safari does not properly handle the "attachment" HTTP Content-Disposition header and can be exploited to conduct cross-site scripting attacks. 22) The parental restrictions feature stores the restrictions passcode in plaintext on disk and can be exploited to disclose the passcode. 23) An error within UIKit does not properly handle "tel:" URIs and can be exploited to cause the device to hang by tricking the user into visiting a malicious website. 24) Some vulnerabilities are caused due to a bundled vulnerable version of WebKit. For more information: SA43519 SA43683 SA43696 SA43859 SA45097 SA45325 SA45325 SA45498 SA45498 SA46339 SA46412 25) The WiFi credentials are stored in a file readable by other applications, which may lead to the credentials being disclosed. Successful exploitation of vulnerabilities #6, #16 ? #20, and #24 may allow execution of arbitrary code. SOLUTION: Apply iOS 5 Software Update. PROVIDED AND/OR DISCOVERED BY: 1) Leszek Tasiemski, nSense. 6, 9) Reported by the vendor. The vendor credits: 2) Rick Deacon 3) Peter Quade, qdevelop 4) Erling Ellingsen, Facebook. 7) Nirankush Panchbhai and Microsoft Vulnerability Research (MSVR) 8) Bob Sielken, IBM 14) Wouter van der Veer, Topicus and Josh Enders 15) Thomas Clement, Intego 17) Tobias Klein via iDefense. 18) Tobias Klein, www.trapkit.de 21) Christian Matthies via iDefense and Yoshinori Oota, Business Architects via JP/CERT. 22) An anonymous person 23) Simon Young, Anglia Ruskin University 25) Laurent OUDOT, TEHTRI Security ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT4999 nSense: http://www.nsense.fi/advisories/nsense_2011_006.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 16:52:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 01:52:15 +0200 Subject: [SEC] [SA46428] BugFree Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201110132352.p9DNqFfv014799@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: BugFree Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA46428 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46428/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46428 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46428/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46428/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46428 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in BugFree, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "ActionType" parameter to Bug.php (when "BugID" is valid) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. 2) Input passed via the "ReportMode" parameter to Report.php and ReportLeft.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. 3) Input passed via the URL to Admin/AdminProjectList.php, Admin/AdminGroupList.php, and Admin/AdminUserLogList.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site. The vulnerabilities are confirmed in version 2.1.3. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23048: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_bugfree.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 17:18:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 02:18:53 +0200 Subject: [SEC] [SA46393] Drupal Certificate Login Module SQL Injection Vulnerability Message-ID: <201110140018.p9E0IrZa005386@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Drupal Certificate Login Module SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46393 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46393/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46393 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46393/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46393/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46393 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Certificate Login module for Drupal, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the client certificate's data fields is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 6.x-2.3. SOLUTION: Update to version 6.x-2.3 Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Jyri-Petteri "ZeiP" Paloposki. ORIGINAL ADVISORY: SA-CONTRIB-2011-048: http://drupal.org/node/1307494 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 17:52:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 02:52:10 +0200 Subject: [SEC] [SA46429] Minitube Insecure Temporary Files Security Issue Message-ID: <201110140052.p9E0qARd028763@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Minitube Insecure Temporary Files Security Issue SECUNIA ADVISORY ID: SA46429 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46429/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46429 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46429/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46429/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46429 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been discovered in Minitube, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the application using temporary files in an insecure manner, which can be exploited to e.g. overwrite arbitrary files via symlink attacks. Note: This may not affect the Windows version. The security issue is confirmed in version 1.5. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Tom?? "Mepho" Pru?ina ORIGINAL ADVISORY: https://bugs.gentoo.org/show_bug.cgi?id=377929 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 18:18:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 03:18:14 +0200 Subject: [SEC] [SA46426] Fedora update for phpPgAdmin Message-ID: <201110140118.p9E1IESs019337@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for phpPgAdmin SECUNIA ADVISORY ID: SA46426 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46426/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46426 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46426/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46426/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46426 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for phpPgAdmin. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA46248 SOLUTION: Apply updated packages via the yum utility ("yum update phpPgAdmin"). ORIGINAL ADVISORY: FEDORA-2011-13805: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067843.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 18:52:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 03:52:11 +0200 Subject: [SEC] [SA46417] Apple Mac OS X Multiple Vulnerabilities Message-ID: <201110140152.p9E1qBdN010310@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple Mac OS X Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46417 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46417/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46417 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46417/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46417/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46417 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Apple has issued a security update for Mac OS X, which fixes multiple vulnerabilities. 1) Some vulnerabilities exist in Apache, BIND, CoreFoundation, CoreMedia, iChat Server, Mailman, Postfix, PHP, Python, QuickTime, Tomcat, and X11: For more information: SA37426 SA38219 SA39574 SA39937 SA40148 SA41724 SA42337 SA42374 SA42435 SA43194 SA43198 SA43389 SA43646 SA43814 SA44490 SA44719 SA44787 SA45046 SA45082 SA45167 SA45516 SA45606 SA46339 2) A format string error in the Application Firewall's debug logging can be exploited via a specially crafted name. 3) A signedness error in the ATS component when handling Type 1 fonts can be exploited via a specially crafted font embedded in a document. 4) An error in the ATS component when handling Type 1 fonts can be exploited to access an out of bounds memory location via a specially crafted font embedded in a document. 5) An error in the ATSFontDeactivate API can be exploited to cause a buffer overflow. 6) A synchronization error in the CFNetwork component when handling cookie policies can be exploited to bypass Safari's cookie preferences and store a cookie that would otherwise be blocked. 7) An error in the CFNetwork component when handling HTTP cookies can be exploited to send a cookie for a domain to a server outside of that domain. 8) Some errors in the CoreMedia component when handling QuickTime movie files can be exploited to corrupt memory. 9) An error in the CoreProcesses component when handling system windows (e.g. VPN password prompt) while the screen is locked can be exploited to partially bypass the screen lock. 10) An error in the CoreStorage component when enabling FileVault did not encrypt some data at the start of a volume. 11) An error when handling HTTPS connections to WebDAV volumes did not properly verify certificate information and can be exploited via a Man-in-the-Middle (MitM) attack. 12) An error in the IOGraphics component within the screen lock functionality when used with Apple Cinema displays can be exploited to access the system without entering a password. 13) A logic error in the kernel's DMA protection can be exploited to access a user's password via firewire DMA access at loginwindow, boot, or shutdown processing. 14) A logic error in the kernel's handling of file deletions in directories when the sticky bit was set can be exploited to delete another user's files within a shared directory. 15) An error exists in the libsecurity module when handling errors during the parsing of a nonstandard certificate revocation list extension. 16) Some errors in the MediaKit component when handling disk images can be exploited to corrupt memory. 17) An error in the Open Directory component within the access control mechanism can be exploited to access another local user's password data. 18) An error in the Open Directory component within the access control mechanism can be exploited to change another user's password. 19) An error in the Open Directory component when bound to a LDAPv3 server and no AuthenticationAuthority attribute for a user exists can be exploited by an LDAP user to login without a password. 20) Some errors in QuickTime when handling movie files can be exploited to corrupt memory via a specially crafted file. 21) An error in QuickTime within the "Save for Web" export feature due to storing certain JavaScript code from the vendor's website using HTTP can be exploited to inject arbitrary code via a Man-in-the-Middle (MitM) attack, which will be executed when saved content is viewed locally. 22) An error in QuickTime when processing URL data handlers within movie files can be exploited to reference uninitialized memory via a specially crafted file. 23) An error in QuickTime when handling the atom hierarchy within movie files can be exploited via a specially crafted file. 24) An error in QuickTime when handling FlashPix files can be exploited to cause a buffer overflow via a specially crafted file. 25) An error in QuickTime when handling FLIC files can be exploited to cause a buffer overflow via a specially crafted file. 26) An error in the SMB File Server when guest access is disabled for a share point record for a folder can be exploited to access the share point using a guest user "nobody". 27) An error in the User Documentation due to App Store help content being updated over HTTP can be exploited to inject arbitrary AppleScript and Python code into the update via a Man-in-the-Middle (MitM) attack. Successful exploitation of vulnerabilities #3 - #5, #8, #20, #22 - #25, and #27 may allow execution of arbitrary code. SOLUTION: Update to version 10.7.2 or apply Security Update 2011-006. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 3, 8, 11, 12, 16, 20, 26) Reported by the vendor. 21, 27) Aaron Sigel, vtty.com 27) Brian Mastenbrook, vtty.com The vendor also credits the following people: 2) An anonymous person 4) Will Dormann, the CERT/CC 5) Steven Michaud, Mozilla 6) Martin Tessarek, Steve Riggins, Geeks R Us, Justin C. Walker, and Stephen Creswell 7) Erling Ellingsen, Facebook 9) Clint Tseng, University, Washington, Michael Kobb, and Adam Kemp 10) Judson Powers, ATC-NY 13) Passware, Inc. 14) Gordon Davisson, Crywolf, Linc Davis, R. Dormer, and Allan Schmid and Oliver Jeckel, brainworks Training 15) Richard Godbee, Virginia Tech 17) Arek Dreyer, Dreyer Network Consultants, Inc, 17, 18) Patrick Dunstan, defenceindepth.net 19) Jeffry Strunk, The University, Texas at Austin, Steven Eppler, Colorado Mesa University, Hugh Cole-Baker, and Frederic Metoz, Institut de Biologie Structurale 22) Luigi Auriemma via ZDI 23) An anonymous person via ZDI 24) Damian Put via ZDI 25) Matt 'j00ru' Jurczyk via ZDI ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5002 vtty.com: http://vttynotes.blogspot.com/2011/10/summary-of-vulnerability-write-ups-on.html http://vttynotes.blogspot.com/2011/10/cve-2011-3224-mitm-to-rce-with-mac-app.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 19:22:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 04:22:50 +0200 Subject: [SEC] [SA46418] Apple Pages for iOS OfficeArtMetafileHeader Record Parsing Vulnerability Message-ID: <201110140222.p9E2Movt001557@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple Pages for iOS OfficeArtMetafileHeader Record Parsing Vulnerability SECUNIA ADVISORY ID: SA46418 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46418/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46418 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46418/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46418/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46418 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Apple Pages for iOS, which can be exploited by malicious people to compromise a user's device. The vulnerability is caused due to a boundary error when parsing an OfficeArtMetafileHeader record and can be exploited to cause a buffer overflow. For more information see vulnerability #29 in: SA43814 The vulnerability is reported in versions prior to 1.5. SOLUTION: Update to version 1.5 available via the iTunes Store. PROVIDED AND/OR DISCOVERED BY: Charlie Miller and Dion Blazakis via ZDI. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5003 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 19:52:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 04:52:58 +0200 Subject: [SEC] [SA46412] Apple Safari Multiple Vulnerabilities Message-ID: <201110140252.p9E2qv0F024815@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple Safari Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46412 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46412/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46412 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46412/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46412/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46412 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and multiple vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to bypass certain security restrictions, conduct cross-site scripting attacks, disclose potentially sensitive information, and compromise a user's system. 1) An input sanitation error within the handling of "safari-extension://" URLs can be exploited to e.g. execute arbitrary JavaScript code within the context of installed Safari extensions and disclose local files via directory traversal attacks. 2) A policy error within the handling of "file://" URLs can be exploited to execute arbitrary local applications. Note: This vulnerability does not affect the Windows platform. 3) An error within the handling of SSL certificates can be exploited to trigger an access of uninitialised memory and potentially execute arbitrary code. Note: This vulnerability does not affect OS X Lion or the Windows platform. 4) Multiple vulnerabilities in WebKit can be exploited by malicious people to cause a crash or compromise a user's system. For more information: SA44375 SA45097 SA45498 SA46049 SA46171 SA46339 5) An error exists within the handling of the beforeload event. For more information see vulnerability #22 in: SA45498 6) An error exists within the handling of the window.open method. For more information see vulnerability #28 in: SA45498 7) An error exists within the handling of the document.documentURI property. For more information see vulnerability #29 in: SA45498 8) A cross-origin error exists within the handling of inactive DOM windows, which can be exploited to conduct cross-site scripting attacks. 9) A logic error within the handling of cookies in the Private Browsing mode can lead to cookies being stored although the "Block cookies" option is set to "Always". Note: This does not affect the Windows platform. SOLUTION: Update to version 5.1.1. PROVIDED AND/OR DISCOVERED BY: 1, 2) Aaron Sigel The vendor credits: 3) Jason Broccardo, Fermi National Accelerator Laboratory 8) Sergey Glazunov 9) John Adamczyk The vendor provides a bundled list of credits for vulnerabilities in #4: * Jose A. Vazquez, spa-s3c.blogspot.com * Abhishek Arya (Inferno), Google Chrome Security Team * Cris Neckar, Google Chrome Security Team * miaubiz * Adam Barth and Abhishek Arya, Google Chrome Security Team * Mikolaj Malecki, Samsung * SkyLined, Google Chrome Security Team * Martin Barbella * Raman Tenneti and Philip Rogers, Google * Aki Helin, OUSPG * Sadrul Habib Chowdhury, Chromium development community * Dimitri Glazkov, Kent Tamura, and Dominic Cooney, Chromium development community * Slawomir Blazek * Apple ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5000 Aaron Sigel: http://vttynotes.blogspot.com/2011/10/cve-2011-3230-launch-any-file-path-from.html http://vttynotes.blogspot.com/2011/10/cve-2011-3229-steal-files-and-inject-js.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 20:15:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 05:15:44 +0200 Subject: [SEC] [SA46386] Simple Machines Forum Multiple Vulnerabilities Message-ID: <201110140315.p9E3Fis2015233@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Simple Machines Forum Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46386 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46386/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46386 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46386/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46386/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46386 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Simple Machines Forum, where some have unknown impact and others can be exploited by malicious people to conduct spoofing and cross-site request forgery attacks. 1) The application sends a sensitive token via the URL, which can be exploited to conduct cross-site request forgery attacks. 2) Errors related to HTML entities can be exploited to perform certain injections and conduct spoofing attacks. The vulnerabilities are reported in the following versions: * Simple Machines Forum 1.x versions prior to 1.1.15. * Simple Machines Forum 2.x versions prior to 2.0.1. SOLUTION: Update to version 1.1.15 or version 2.0.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.simplemachines.org/community/index.php?topic=452888.0 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 20:51:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 05:51:48 +0200 Subject: [SEC] [SA46419] Apple Numbers for iOS Two Vulnerabilities Message-ID: <201110140351.p9E3pmqC006308@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple Numbers for iOS Two Vulnerabilities SECUNIA ADVISORY ID: SA46419 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46419/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46419 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46419/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46419/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46419 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Apple Numbers for iOS, which can be exploited by malicious people to compromise a user's device. 1) A boundary error within the processing of Microsoft Office files can be exploited to cause a buffer overflow, which may allow execution of arbitrary code. 2) An error when processing Excel files can be exploited to corrupt memory resulting in values from the file being treated as function pointers via a specially crafted Excel record. For more information: SA42151 The vulnerabilities are reported in versions prior to 1.5. SOLUTION: Update to version 1.5 available via the iTunes Store. PROVIDED AND/OR DISCOVERED BY: 1) Reported by the vendor. 2) Tobias Klein via iDefense. ORIGINAL ADVISORY: Apple: http://support.apple.com/kb/HT5004 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 21:22:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 06:22:45 +0200 Subject: [SEC] [SA46363] Gentoo update for dovecot Message-ID: <201110140422.p9E4MjLc029558@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for dovecot SECUNIA ADVISORY ID: SA46363 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46363/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46363 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46363/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46363/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46363 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for dovecot. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges, by malicious users to bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system, and by malicious people to cause a DoS (Denial of Service). For more information: SA36698 SA37443 SA38881 SA40723 SA41723 SA44683 SOLUTION: Update to version "net-mail/dovecot-1.2.17" or later. ORIGINAL ADVISORY: GLSA 201110-04: http://security.gentoo.org/glsa/glsa-201110-04.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 21:56:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 06:56:18 +0200 Subject: [SEC] [SA46325] FluxBB "X-Forwarded-For" SQL Injection Vulnerability Message-ID: <201110140456.p9E4uIN8020517@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: FluxBB "X-Forwarded-For" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46325 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46325/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46325 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46325/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46325/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46325 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in FluxBB, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "X-Forwarded-For" HTTP header to e.g. register.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "FORUM_BEHIND_REVERSE_PROXY" is defined. The vulnerability is confirmed in version 1.4.6. Prior versions may also be affected. SOLUTION: Update to version 1.4.7. PROVIDED AND/OR DISCOVERED BY: The vendor credits Roman. B. ORIGINAL ADVISORY: http://fluxbb.org/forums/viewtopic.php?id=5751 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 13 22:17:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 07:17:57 +0200 Subject: [SEC] [SA46054] Snort Report "target" Two Command Injection Vulnerabilities Message-ID: <201110140517.p9E5HveY010846@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Snort Report "target" Two Command Injection Vulnerabilities SECUNIA ADVISORY ID: SA46054 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46054/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46054 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46054/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46054/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46054 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in Snort Report, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "target" parameter to nmap.php and nbtscan.php is not properly sanitised before being used in "exec()" calls. This can be exploited to inject and execute arbitrary shell commands. The vulnerabilities are confirmed in version 1.3.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Paul Rascagneres ORIGINAL ADVISORY: http://www.symmetrixtech.com/articles/news-016.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 10:36:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 19:36:43 +0200 Subject: [SEC] [SA46375] Opera Nested SVG Content Processing Code Execution Vulnerability Message-ID: <201110141736.p9EHah07005245@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Opera Nested SVG Content Processing Code Execution Vulnerability SECUNIA ADVISORY ID: SA46375 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46375/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46375 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46375/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46375/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46375 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Jose A. Vazquez has discovered a vulnerability in Opera, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when processing SVG content nested within a frameset and can be exploited via a specially crafted web page. Successful exploitation allows execution of arbitrary code. This may be related to: SA44611 The vulnerability is confirmed in version 11.51 Build 1087. Other versions may also be affected. SOLUTION: Do not browse untrusted sites or follow untrusted links. PROVIDED AND/OR DISCOVERED BY: Jose A. Vazquez ORIGINAL ADVISORY: http://spa-s3c.blogspot.com/2011/10/spas3c-sv-006opera-browser-101112-0-day.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 11:36:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 20:36:29 +0200 Subject: [SEC] [SA46445] Ubuntu update for quassel Message-ID: <201110141836.p9EIaTBa029955@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for quassel SECUNIA ADVISORY ID: SA46445 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46445/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46445 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46445/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46445/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46445 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for quassel. This fixes a weakness, which can be exploited by malicious, local users to disclose sensitive information. The weakness is caused due to insecure permissions of the data and logging folders and can be exploited to disclose e.g. the SSL certificate used by the quasselcore daemon. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Felix Geyer ORIGINAL ADVISORY: USN-1230-1: http://www.ubuntu.com/usn/usn-1230-1/ https://bugs.launchpad.net/ubuntu/+source/quassel/+bug/846922 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 12:36:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 21:36:11 +0200 Subject: [SEC] [SA46322] Gentoo update for adobe-flash Message-ID: <201110141936.p9EJaBK7022238@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for adobe-flash SECUNIA ADVISORY ID: SA46322 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46322/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46322 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46322/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46322/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46322 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for adobe-flash. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct cross-site scripting attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user's system. For more information: SA43207 SA43267 SA43751 SA43811 SA44119 SA44846 SA44964 SA45583 SA46113 SOLUTION: Update to "www-plugins/adobe-flash-10.3.183.10" or later. ORIGINAL ADVISORY: GLSA 201110-11: http://www.gentoo.org/security/en/glsa/glsa-201110-11.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 13:35:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 22:35:33 +0200 Subject: [SEC] [SA46376] Red Hat update for pidgin Message-ID: <201110142035.p9EKZXrJ014509@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for pidgin SECUNIA ADVISORY ID: SA46376 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46376/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46376 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46376/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46376/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46376 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for pidgin. This fixes two weaknesses, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA43695 SA46298 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1371-1: https://rhn.redhat.com/errata/RHSA-2011-1371.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 14:30:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 23:30:11 +0200 Subject: [SEC] [SA46353] Gentoo update for conky Message-ID: <201110142130.p9ELUB8a006532@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for conky SECUNIA ADVISORY ID: SA46353 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46353/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46353 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46353/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46353/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46353 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for conky. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA43225 SOLUTION: Update to "app-admin/conky-1.8.1-r2" or later. ORIGINAL ADVISORY: GLSA 201110-09: http://www.gentoo.org/security/en/glsa/glsa-201110-09.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 14:50:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 14 Oct 2011 23:50:57 +0200 Subject: [SEC] [SA46424] Sybase M-Business Anywhere Two Unspecified Privilege Escalation Vulnerabilities Message-ID: <201110142150.p9ELovvf029256@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Sybase M-Business Anywhere Two Unspecified Privilege Escalation Vulnerabilities SECUNIA ADVISORY ID: SA46424 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46424/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46424 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46424/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46424/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46424 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Sybase M-Business Anywhere, which can be exploited by malicious users to gain escalated privileges. The vulnerabilities are caused due to unspecified errors. No further information is currently available. The vulnerabilities are reported in the following versions: * M-Business Anywhere server 6.7 (earlier than Windows Build255, SunOS Build257, Linux Build256) and prior. * M-Business Anywhere server 7.0 (earlier than Windows Build669, SunOS Build670, Linux Build671) and prior. SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.sybase.com/detail?id=1095200 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 15:16:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 00:16:34 +0200 Subject: [SEC] [SA46430] PROMOTIC Directory Traversal and ActiveX Control Buffer Overflow Vulnerabilities Message-ID: <201110142216.p9EMGYAL019836@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: PROMOTIC Directory Traversal and ActiveX Control Buffer Overflow Vulnerabilities SECUNIA ADVISORY ID: SA46430 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46430/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46430 RELEASE DATE: 2011-10-14 DISCUSS ADVISORY: http://secunia.com/advisories/46430/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46430/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46430 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered multiple vulnerabilities in PROMOTIC, which can be exploited by malicious people to disclose potentially sensitive information and compromise a user's system. 1) Input passed via the URL within the "/webdir/" directory is not properly verified before being used to read files and can be exploited to disclose arbitrary files via directory traversal attacks. 2) A boundary error in the "SaveCfg()" method within the PmTrendViewer ActiveX control can be exploited to cause a stack-based buffer overflow via an overly long string passed in the "vCfg" parameter. 3) A boundary error in the "AddTrend()" method within the PmTrendViewer ActiveX control can be exploited to cause a heap-based buffer overflow via an overly long string passed in the "sID" parameter. Successful exploitation of vulnerabilities #2 and #3 allows execution of arbitrary code. The vulnerabilities are confirmed in version 8.1.3. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/promotic_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 15:50:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 00:50:28 +0200 Subject: [SEC] [SA46324] Gentoo update for wget Message-ID: <201110142250.p9EMoSec010799@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for wget SECUNIA ADVISORY ID: SA46324 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46324/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46324 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46324/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46324/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46324 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for wget. This fixes a weakness, which can be exploited by malicious people to bypass certain security features. For more information: SA40861 SOLUTION: Update to "net-misc/wget-1.12-r2" or later. ORIGINAL ADVISORY: GLSA 201110-10: http://www.gentoo.org/security/en/glsa/glsa-201110-10.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 16:16:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 01:16:57 +0200 Subject: [SEC] [SA46434] WordPress Contact Form Plugin "wpcf_easyform_formid" SQL Injection Vulnerability Message-ID: <201110142316.p9ENGvfF001360@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Contact Form Plugin "wpcf_easyform_formid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46434 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46434/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46434 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46434/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46434/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46434 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Contact Form plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "wpcf_easyform_formid" parameter to index.php (when "wpcf_easyform_submitted" is set to "1") is not properly sanitised in the "the_content()" function in wp-content/plugins/contact-form-wordpress/easy-form.class.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 2.7.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Skraps ORIGINAL ADVISORY: http://wordpress.org/support/topic/sql-injection-vulnurability-in-contact-form-wordpress OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 16:53:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 01:53:01 +0200 Subject: [SEC] [SA46446] EC-CUBE Two Unspecified SQL Injection Vulnerabilities Message-ID: <201110142353.p9ENr1PD024906@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: EC-CUBE Two Unspecified SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46446 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46446/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46446 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46446/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46446/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46446 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in EC-CUBE, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised in data/class/SC_Query.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in versions 2.11.0 through 2.11.2. SOLUTION: Update to version 2.11.3. PROVIDED AND/OR DISCOVERED BY: JVN credits Tsukada Nobuhisa, Seasoft. ORIGINAL ADVISORY: JVN (English): http://jvn.jp/en/jp/JVN44496332/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000087.html JVN (Japanese): http://jvn.jp/jp/JVN44496332/index.html LOCKON: http://www.ec-cube.net/release/detail.php?release_id=286 http://www.ec-cube.net/info/weakness/weakness.php?id=38 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 17:19:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 02:19:00 +0200 Subject: [SEC] [SA46356] Gentoo update for feh Message-ID: <201110150019.p9F0J0PZ015483@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for feh SECUNIA ADVISORY ID: SA46356 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46356/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46356 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46356/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46356/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46356 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for feh. This fixes a weakness and a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to potentially compromise a user's system. For more information: SA43221 1) The weakness is caused due to an error in the "feh_http_load_image()" function (src/imlib.c) when using the "--wget-timestamp" command line option. This can be exploited to inject arbitrary shell commands into an URL passed as command line argument, which will be executed, if a user is tricked into opening a specially crafted URL using the "--wget-timestamp" command line option. SOLUTION: Update to "media-gfx/feh-1.12" or later. PROVIDED AND/OR DISCOVERED BY: 1) Disclosed in a GIT commit. ORIGINAL ADVISORY: GLSA 201110-08: http://www.gentoo.org/security/en/glsa/glsa-201110-08.xml feh: http://git.finalrewind.org/feh/patch/?id=ae56ce24b10767800b1715e7e68b41c7d3571b4c OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 17:51:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 02:51:25 +0200 Subject: [SEC] [SA46441] Joomla! eTree Component "id" and "user_id" SQL Injection Vulnerabilities Message-ID: <201110150051.p9F0pPI3006381@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! eTree Component "id" and "user_id" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46441 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46441/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46441 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46441/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46441/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46441 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the eTree component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" and "user_id" parameters to index.php (when "option" is set to "com_directorytree", "view" is set to "displays", and "layout" is set to "user") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 1.5.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Sid3^effects OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 18:15:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 03:15:56 +0200 Subject: [SEC] [SA46384] Fedora update for openswan Message-ID: <201110150115.p9F1Fumn029285@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for openswan SECUNIA ADVISORY ID: SA46384 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46384/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46384 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46384/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46384/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46384 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for openswan. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46327 SOLUTION: Apply updated packages via the yum utility ("yum update openswan"). ORIGINAL ADVISORY: FEDORA-2011-13864: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068045.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 18:51:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 03:51:37 +0200 Subject: [SEC] [SA46388] Fedora update for cyrus-imapd Message-ID: <201110150151.p9F1pbST020374@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for cyrus-imapd SECUNIA ADVISORY ID: SA46388 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46388/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46388 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46388/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46388/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46388 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for cyrus-imapd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and by malicious users to compromise a vulnerable system. For more information: SA45938 SA46093 SOLUTION: Apply updated packages via the yum utility ("yum update cyrus-imapd"). ORIGINAL ADVISORY: FEDORA-2011-13869: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068024.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 19:21:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 04:21:43 +0200 Subject: [SEC] [SA46366] Debian update for moin Message-ID: <201110150221.p9F2LhKZ011628@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for moin SECUNIA ADVISORY ID: SA46366 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46366/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46366 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46366/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46366/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46366 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for moin. This fixes a vulnerability, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA43413 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2321-1: http://www.debian.org/security/2011/dsa-2321 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 19:51:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 04:51:19 +0200 Subject: [SEC] [SA46367] Kent Web Forum Unspecified Cross-Site Scripting Vulnerability Message-ID: <201110150251.p9F2pJ3E002338@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Kent Web Forum Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46367 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46367/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46367 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46367/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46367/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46367 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability have been reported in Kent Web Forum, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 5.1 and prior. SOLUTION: Update to a version later than 5.1. PROVIDED AND/OR DISCOVERED BY: JVN credits ISHIBASHI, Tsuyoshi of Mitsui Bussan Secure Directions Inc. ORIGINAL ADVISORY: JVN#36684331 (English): http://jvn.jp/en/jp/JVN36684331/index.html JVN#36684331 (Japanese): http://jvn.jp/jp/JVN36684331/index.html JVNDB-2011-000080: http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000080.html Kent Web Forum: http://www.kent-web.com/bbs/wforum.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 20:15:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 05:15:24 +0200 Subject: [SEC] [SA46385] HP Onboard Administrator Unspecified Security Bypass Vulnerability Message-ID: <201110150315.p9F3FOOu025285@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: HP Onboard Administrator Unspecified Security Bypass Vulnerability SECUNIA ADVISORY ID: SA46385 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46385/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46385 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46385/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46385/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46385 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP Onboard Administrator, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an unspecified error and can be exploited to gain certain unauthorized access. The vulnerability is reported in versions 3.21 through 3.31. SOLUTION: Update to version 3.32. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBMU02710 SSRT100601: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03048779 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 20:50:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 05:50:13 +0200 Subject: [SEC] [SA46338] atvise webMI2ADS Multiple Vulnerabilities Message-ID: <201110150350.p9F3oDi9016297@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: atvise webMI2ADS Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46338 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46338/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46338 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46338/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46338/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46338 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has reported multiple vulnerabilities in atvise webMI2ADS, which can be exploited by malicious people to disclose potentially sensitive information and cause a DoS (Denial of Service). 1) Input passed via the URL is not properly verified before being used to read files. This can be exploited to read arbitrary files via directory traversal attacks. 2) A NULL pointer dereference error within the basic access authentication can be exploited to crash the server by sending a specially crafted "Authorization" HTTP header. 3) The application does not properly restrict access to the "shutdown" page, which can be exploited to terminate the service. 4) An error within the processing of the "Content-Length" HTTP header can be exploited to cause a huge CPU and memory resource consumption by sending HTTP request containing a negative content length. The vulnerabilities are reported in version 1.0 for Windows XP Embedded. Other versions may also be affected. SOLUTION: Use a proxy or firewall to filter malicious requests. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/webmi2ads_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 21:16:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 06:16:03 +0200 Subject: [SEC] [SA46276] KaiBB Two SQL Injection Vulnerabilities Message-ID: <201110150416.p9F4G3HW006855@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: KaiBB Two SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46276 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46276/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46276 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46276/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46276/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46276 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in KaiBB, which can be exploited by malicious people to conduct SQL injection attacks. 1) Input passed via the "forum" parameter to rss.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. 2) Input appended to the URL after e.g. index.php is not properly sanitised in inc/header.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Note: This vulnerability can further be exploited to conduct cross-site scripting attacks via SQL error messages. The vulnerabilities are confirmed in version 2.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Independently discovered by Morten Bartvig, Secunia and Stefan Schurtz. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2011-72/ SSCHADV2011-027: http://www.rul3z.de/advisories/SSCHADV2011-027.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 21:51:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 06:51:02 +0200 Subject: [SEC] [SA46342] Gentoo update for openssl Message-ID: <201110150451.p9F4p2Fv030304@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for openssl SECUNIA ADVISORY ID: SA46342 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46342/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46342 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46342/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46342/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46342 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for openssl. This fixes multiple vulnerabilities, where one has unknown impacts and others can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, manipulate certain data, cause a DoS (Denial of Service), conduct spoofing attacks, and compromise an application using the library. For more information: SA37291 SA38200 SA38807 SA40024 SA40906 SA42243 SA42473 SA42469 SA43227 SA45781 SOLUTION: Update to version "dev-libs/openssl-1.0.0e" or later. ORIGINAL ADVISORY: GLSA 201110-01: http://security.gentoo.org/glsa/glsa-201110-01.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 14 22:18:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 07:18:40 +0200 Subject: [SEC] [SA46164] Debian update for bugzilla Message-ID: <201110150518.p9F5Ielc020980@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for bugzilla SECUNIA ADVISORY ID: SA46164 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46164/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46164 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46164/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46164/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46164 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for bugzilla. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to gain access to potentially sensitive information, by malicious users to conduct script insertion attacks, and by malicious people to disclose potentially sensitive information, conduct HTTP response splitting, cross-site request forgery, and spoofing attacks, and bypass certain security restrictions. For more information: SA43033 SA45501 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2322-1: http://www.debian.org/security/2011/dsa-2322 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 10:35:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 19:35:48 +0200 Subject: [SEC] [SA46378] JAKCMS "userpost" Script Insertion Vulnerability Message-ID: <201110151735.p9FHZmfL015293@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: JAKCMS "userpost" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46378 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46378/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46378 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46378/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46378/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46378 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in JAKCMS, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the "userpost" parameter to index.php (when "p" is set to "pm", "w" is set, "id" is set to "write", and "touser" is set to a valid user) is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is confirmed in version 2.0.4.1. Other versions may also be affected. SOLUTION: Update to version 2.2.6 dated 2011-09-23 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits Hari. ORIGINAL ADVISORY: JAKCMS: http://www.jakcms.com/tracker/t/62/cross-site-scripting-flaw OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 11:35:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 20:35:36 +0200 Subject: [SEC] [SA46343] Gentoo update for wireshark Message-ID: <201110151835.p9FIZahb007567@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for wireshark SECUNIA ADVISORY ID: SA46343 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46343/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46343 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46343/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46343/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46343 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise a user's system. For more information: SA40112 SA40783 SA41064 SA41535 SA42290 SA42767 SA43821 SA43554 SA44172 SA44449 SA45086 SA45927 SOLUTION: Update to version "net-analyzer/wireshark-1.4.9" or later. ORIGINAL ADVISORY: GLSA 201110-02: http://security.gentoo.org/glsa/glsa-201110-02.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 12:36:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 21:36:50 +0200 Subject: [SEC] [SA46368] Joomla! Barter Component Multiple Vulnerabilities Message-ID: <201110151936.p9FJao9D032360@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! Barter Component Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46368 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46368/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46368 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46368/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46368/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46368 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in the Barter component for Joomla!, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Input passed via the "listing", "homeurl", and "paystring" POST parameters to index.php (when "option" is set to "com_listing" and "task" is set to "listingsave") is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) Input passed via the "desired_quantity" parameter to index.php (when "option" is set to "com_listing", "task" is set to "offersave", and "item_id" is set to a valid id) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "category_id" parameter to index.php (when "option" is set to "com_listing" and "task" is set to "browse") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 1.3. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Sid3^effects OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 13:36:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 22:36:29 +0200 Subject: [SEC] [SA46267] Joomla! Time Returns Component "id" SQL Injection Vulnerability Message-ID: <201110152036.p9FKaTsb024646@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! Time Returns Component "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46267 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46267/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46267 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46267/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46267/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46267 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Time Returns component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to index.php (when "option" is set to "com_timereturns" and "view" is set to "timereturns") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: kaMtiEz OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 14:30:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 23:30:31 +0200 Subject: [SEC] [SA46283] GenStat Book / Spreadsheet File Processing Two Vulnerabilities Message-ID: <201110152130.p9FLUVd9016657@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: GenStat Book / Spreadsheet File Processing Two Vulnerabilities SECUNIA ADVISORY ID: SA46283 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46283/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46283 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46283/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46283/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46283 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has reported two vulnerabilities in GenStat, which can be exploited by malicious people to compromise a user's system. 1) An array-indexing error when processing Book (GWB) files can be exploited to corrupt memory via a specially crafted ".gwb" file. 2) An error when processing Spreadsheet (GSH) files can be exploited to cause a heap-based buffer overflow via a specially crafted ".gsh" file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerabilities are reported in version 14.1.0.5943. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/genstat_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 14:51:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 15 Oct 2011 23:51:35 +0200 Subject: [SEC] [SA46395] Kent Web Forum Unspecified Cross-Site Scripting Vulnerability Message-ID: <201110152151.p9FLpZ11006966@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Kent Web Forum Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46395 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46395/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46395 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46395/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46395/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46395 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability have been reported in Kent Web Forum, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input via POST requests is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 6.3 and prior. SOLUTION: Update to version 6.4 or later. PROVIDED AND/OR DISCOVERED BY: JVN credits ISHIBASHI, Tsuyoshi of Mitsui Bussan Secure Directions Inc. ORIGINAL ADVISORY: JVN (English): http://jvn.jp/en/jp/JVN89764731/index.html http://jvn.jp/en/jp/JVN80971236/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000081.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000082.html JVN (Japanese): http://jvn.jp/jp/JVN89764731/index.html http://jvn.jp/jp/JVN80971236/index.html Kent Web Forum: http://www.kent-web.com/bbs/wforum.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 15:16:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 00:16:24 +0200 Subject: [SEC] [SA46361] Debian update for dokuwiki Message-ID: <201110152216.p9FMGOvs029901@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for dokuwiki SECUNIA ADVISORY ID: SA46361 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46361/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46361 RELEASE DATE: 2011-10-15 DISCUSS ADVISORY: http://secunia.com/advisories/46361/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46361/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46361 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for dokuwiki. This fixes a vulnerability, which can be exploited by malicious people to conduct script insertion attacks. For more information: SA45009 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2320-1: http://www.debian.org/security/2011/dsa-2320 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 15:54:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 00:54:04 +0200 Subject: [SEC] [SA46351] ICONICS GENESIS32 Multiple Memory Corruption Vulnerabilities Message-ID: <201110152254.p9FMs4rw021073@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: ICONICS GENESIS32 Multiple Memory Corruption Vulnerabilities SECUNIA ADVISORY ID: SA46351 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46351/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46351 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46351/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46351/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46351 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in ICONICS GENESIS32, which can be exploited by malicious people to compromise a user's system. 1) Some errors in the ScriptWorX32 component can be exploited to corrupt memory via a specially crafted file. 2) Some errors in the AlarmWorX32 component can be exploited to corrupt memory via a specially crafted file. 3) Some errors in the TrendWorX32 component can be exploited to corrupt memory via a specially crafted file. 4) Some errors in the GraphWorX32 component can be exploited to corrupt memory via a specially crafted file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerabilities are reported in versions 8.05, 9.0, 9.1, and 9.2. SOLUTION: Apply patches (contact the vendor for further information). PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Billy Rios and Terry McCorkle. ORIGINAL ADVISORY: ICS-CERT (ICSA-11-273-01): http://www.us-cert.gov/control_systems/pdf/ICSA-11-273-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 16:19:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 01:19:47 +0200 Subject: [SEC] [SA46372] SUSE update for kernel Message-ID: <201110152319.p9FNJlPA011634@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA46372 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46372/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46372 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46372/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46372/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46372 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes two weakness and a vulnerability, which can be exploited by malicious, local users and malicious people to cause a DoS (Denial of Service). For more information: SA45489 SA45695 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1100-1: http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00002.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 16:55:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 01:55:09 +0200 Subject: [SEC] [SA46373] Xerox ColorQube Authentication Bypass Vulnerability Message-ID: <201110152355.p9FNt91d002672@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Xerox ColorQube Authentication Bypass Vulnerability SECUNIA ADVISORY ID: SA46373 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46373/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46373 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46373/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46373/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46373 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Xerox ColorQube, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an unspecified error within the authentication mechanism in the web interface and can be exploited to e.g. change system configuration via a specially crafted sequence of commands. The vulnerability is reported in the following products: * Xerox ColorQube 9301 * Xerox ColorQube 9302 * Xerox ColorQube 9393 SOLUTION: Apply patch CQ93xx_P48v1.dlm. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.xerox.com/download/security/security-bulletin/127873b-15292-4aeb8bc95ec00/cert_XRX11-004-v1.02.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 17:23:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 02:23:42 +0200 Subject: [SEC] [SA46387] Vanilla Forums Security Bypass and Cookie Disclosure Vulnerabilities Message-ID: <201110160023.p9G0NgKO025818@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Vanilla Forums Security Bypass and Cookie Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA46387 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46387/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46387 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46387/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46387/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46387 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Vanilla Forums, which can be exploited by malicious people to disclose sensitive information and bypass certain security restrictions. 1) An error within the handling of cookies can be exploited to disclose cookie information. The vulnerability is reported in versions prior to 2.0.17.9. 2) An error within the access control of the Facebook, Twitter, and Embed plugins can be used to bypass certain security restrictions. The vulnerabilities are reported in versions prior to 2.0.17.10. SOLUTION: Update to version 2.0.17.10. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://vanillaforums.org/discussion/14397/vanilla-2.0.17-released OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 17:54:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 02:54:58 +0200 Subject: [SEC] [SA46379] MatrixSSL SSL/TLS Initialization Vector Selection Weakness Message-ID: <201110160054.p9G0swRG016653@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: MatrixSSL SSL/TLS Initialization Vector Selection Weakness SECUNIA ADVISORY ID: SA46379 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46379/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46379 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46379/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46379/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46379 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in MatrixSSL, which can be exploited by malicious people to disclose potentially sensitive information and hijack a user's session. The weakness is caused due to a design error in the Secure Sockets Layer 3.0 (SSL) and Transport Layer Security 1.0 (TLS) protocols when selecting a Initialization Vector (IV) used with symmetric cipher suites in CBC mode (e.g. AES). This can be exploited to conduct a chosen-plaintext attack which would allow the decryption of e.g HTTPS sessions via a Man-in-the-Middle (MitM) attack. The weakness is reported in versions prior to 3.2.2. SOLUTION: Update to version 3.2.2 and use the "USE_BEAST_WORKAROUND" compile time define (default). PROVIDED AND/OR DISCOVERED BY: Reported by Thai Duong and Juliano Rizzo. ORIGINAL ADVISORY: MatrixSSL: http://www.matrixssl.org/archives/000163.html http://www.matrixssl.org/archives/000164.html Thai Duong: http://vnhacker.blogspot.com/2011/09/beast.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 18:18:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 03:18:04 +0200 Subject: [SEC] [SA46392] Fedora update for php Message-ID: <201110160118.p9G1I4RJ007088@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for php SECUNIA ADVISORY ID: SA46392 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46392/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46392 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46392/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46392/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46392 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for php. This fixes a security issue, which potentially can be exploited by malicious people to compromise a vulnerable system. For more information: SA46107 SOLUTION: Apply updated packages via the yum utility ("yum update php"). ORIGINAL ADVISORY: FEDORA-2011-13458: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067423.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 18:51:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 03:51:33 +0200 Subject: [SEC] [SA46391] Fedora update for thunderbird Message-ID: <201110160151.p9G1pXwr030460@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for thunderbird SECUNIA ADVISORY ID: SA46391 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46391/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46391 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46391/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46391/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46391 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for thunderbird. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA46205 SOLUTION: Apply updated packages via the yum utility ("yum update thunderbird"). ORIGINAL ADVISORY: FEDORA-2011-13450: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067444.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 19:22:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 04:22:12 +0200 Subject: [SEC] [SA46269] Arora Certificate Text Format Enforce Vulnerability Message-ID: <201110160222.p9G2MC9u022391@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Arora Certificate Text Format Enforce Vulnerability SECUNIA ADVISORY ID: SA46269 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46269/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46269 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46269/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46269/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46269 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Tim Brown has discovered a vulnerability in Arora, which can be exploited by malicious people to conduct spoofing attacks. The vulnerability is caused due to Arora not properly setting the text format when displaying certificate information, which can be exploited to spoof certificates via e.g. certificates containing specially crafted RTF data in the Common Name (CN) field. The vulnerability is confirmed in version 0.11.0. Other versions may also be affected. SOLUTION: Do not rely on the displayed certificate information. PROVIDED AND/OR DISCOVERED BY: Tim Brown, Nth Dimension. ORIGINAL ADVISORY: Tim Brown: http://archives.neohapsis.com/archives/fulldisclosure/2011-10/att-0353/NDSA20111003.txt.asc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 19:51:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 04:51:00 +0200 Subject: [SEC] [SA46253] OfficeWatch Call Accounting Directory Traversal Vulnerability Message-ID: <201110160251.p9G2p0tg010621@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: OfficeWatch Call Accounting Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA46253 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46253/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46253 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46253/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46253/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46253 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in OfficeWatch Call Accounting, which can be exploited by malicious people to disclose sensitive information. Certain input passed to the web interface is not properly verified before being used. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks. The vulnerability is reported in version 2011.06.20. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Chris Graham and r at b13$, Digital Defense. ORIGINAL ADVISORY: http://archives.neohapsis.com/archives/fulldisclosure/2011-10/0117.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 20:18:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 05:18:15 +0200 Subject: [SEC] [SA46349] Psi Certificate Text Format Enforce Vulnerability Message-ID: <201110160318.p9G3IFce001234@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Psi Certificate Text Format Enforce Vulnerability SECUNIA ADVISORY ID: SA46349 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46349/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46349 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46349/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46349/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46349 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Tim Brown has discovered a vulnerability in Psi, which can be exploited by malicious people to conduct spoofing attacks. The vulnerability is caused due to Psi not properly setting the text format when displaying certificate information, which can be exploited to spoof certificates via e.g. certificates containing specially crafted RTF data in the Common Name (CN) field. The vulnerability is confirmed in version 0.14.0. Other versions may also be affected. SOLUTION: Do not rely on the displayed certificate information. PROVIDED AND/OR DISCOVERED BY: Tim Brown, Nth Dimension. ORIGINAL ADVISORY: Tim Brown: http://archives.neohapsis.com/archives/fulldisclosure/2011-10/att-0353/NDSA20111003.txt.asc OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 20:52:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 05:52:02 +0200 Subject: [SEC] [SA46345] WordPress Eventify Plugin "npath" File Inclusion Vulnerability Message-ID: <201110160352.p9G3q2kG024649@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Eventify Plugin "npath" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA46345 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46345/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46345 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46345/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46345/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46345 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Eventify plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "npath" parameter to wp-content/plugins/eventify/php/ajax/fetcheventdetails.php is not properly sanitised before being used to include files. This can be exploited to include arbitrary files from local or external resources. The vulnerability is confirmed in version 1.7.g. Prior versions may also be affected. SOLUTION: Update to version 1.7.h. PROVIDED AND/OR DISCOVERED BY: The vendor credits Mark. ORIGINAL ADVISORY: Eventify: http://wordpress.org/extend/plugins/eventify/changelog/ http://plugins.trac.wordpress.org/changeset/441308/eventify/trunk/php/ajax/fetcheventdetails.php?old=434868&old_path=eventify%2Ftrunk%2Fphp%2Fajax%2Ffetcheventdetails.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 21:18:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 06:18:57 +0200 Subject: [SEC] [SA46259] Debian update for cyrus-imapd-2.2 Message-ID: <201110160418.p9G4IvXU015283@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for cyrus-imapd-2.2 SECUNIA ADVISORY ID: SA46259 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46259/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46259 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46259/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46259/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46259 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for cyrus-imapd-2.2. This fixes two vulnerabilities, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions. For more information: SA45938 SA46093 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2318-1: http://www.debian.org/security/2011/dsa-2318 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 21:52:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 06:52:30 +0200 Subject: [SEC] [SA46292] OpenVZ update for kernel Message-ID: <201110160452.p9G4qUTk006221@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: OpenVZ update for kernel SECUNIA ADVISORY ID: SA46292 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46292/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46292 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46292/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46292/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46292 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: OpenVZ has issued an update for the kernel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive and certain system information, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people to cause a DoS (Denial of Service). For more information: SA46304 SOLUTION: Update kernel branch RHEL6 to version 042stab039.1. ORIGINAL ADVISORY: http://wiki.openvz.org/Download/kernel/rhel6/042stab039.1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 15 22:18:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 07:18:26 +0200 Subject: [SEC] [SA46255] Netvolution CMS "Referer" HTTP Header SQL Injection Vulnerability Message-ID: <201110160518.p9G5IQwZ029213@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Netvolution CMS "Referer" HTTP Header SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46255 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46255/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46255 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46255/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46255/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46255 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: census has reported a vulnerability in Netvolution CMS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "Referer" HTTP header to default.asp is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in Netvolution CMS version 2.5.8 ASP. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: Patroklos Argyroudis, census ORIGINAL ADVISORY: census-2011-0001: http://census-labs.com/news/2011/10/03/netvolution-referer-SQLi/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 10:38:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 19:38:05 +0200 Subject: [SEC] [SA46311] OCS Inventory NG System Information Script Insertion Vulnerability Message-ID: <201110161738.p9GHc57p023666@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: OCS Inventory NG System Information Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46311 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46311/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46311 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46311/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46311/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46311 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Nicolas Derouet has discovered a vulnerability in OCS Inventory NG, which can be exploited by malicious people to conduct script insertion attacks. Certain system information passed via a POST request to /ocsinventory is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is confirmed in version 2.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Nicolas Derouet OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 11:38:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 20:38:02 +0200 Subject: [SEC] [SA46394] Fedora update for kernel Message-ID: <201110161838.p9GIc2JB015960@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA46394 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46394/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46394 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46394/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46394/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46394 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious, local users and by malicious people to cause a DoS (Denial of Service). For more information: SA45420 SA45533 SA45695 SOLUTION: Apply updated packages via the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2011-12874: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067409.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 12:37:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 21:37:57 +0200 Subject: [SEC] [SA46200] radvd Privilege Escalation and Denial of Service Vulnerabilities Message-ID: <201110161937.p9GJbvKS008237@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: radvd Privilege Escalation and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46200 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46200/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46200 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46200/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46200/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46200 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some security issues and vulnerabilities have been reported in radvd, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service). 1) A signedness error within the "process_ra()" function (process.c) when parsing the "ND_OPT_DNSSL_INFORMATION" option can be exploited to cause a stack-based buffer overflow. 2) An input sanitation error within the "set_interface_var()" function (device-linux.c) can be exploited to e.g. overwrite arbitrary files via directory traversal and symlink attacks. 3) The daemon does not properly terminate if the privilege separation failed, which can lead to the daemon running with higher privileges than intended. 4) Boundary errors within the "process_ra()" function (process.c) can be exploited to cause out-of-bounds reads and crash the service. 5) An error within the unicast-only mode can be exploited to cause a delay within the processing by flooding the service with ND_ROUTER_SOLICIT messages. Note: Successful exploitation of this vulnerability requires that the service is running in unicast-only mode. The security issues and vulnerabilities are reported in version 1.8.1. Prior versions may also be affected. SOLUTION: Update to version 1.8.2, which fixes vulnerabilities #1, #3, #4, and #5. Security issue #2 is fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Vasiliy Kulikov ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/10/06/3 https://github.com/reubenhwk/radvd/blob/fc207cc6a2de572226133276ee30a9a313dca902/CHANGES https://github.com/reubenhwk/radvd/commit/7a1471b62da88373e8f4209d503307c5d841b81f OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 13:39:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 22:39:17 +0200 Subject: [SEC] [SA46341] Tsmim Lessons Library Script "page" SQL Injection Vulnerability Message-ID: <201110162039.p9GKdHEE000577@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Tsmim Lessons Library Script "page" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46341 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46341/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46341 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46341/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46341/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46341 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Tsmim Lessons Library Script, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "page" parameter to show.php (when "cid" is set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: M.Jock3R OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 14:32:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 16 Oct 2011 23:32:04 +0200 Subject: [SEC] [SA46346] WordPress Flowplayer Plugin URL Cross-Site Scripting Vulnerability Message-ID: <201110162132.p9GLW42A024969@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Flowplayer Plugin URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46346 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46346/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46346 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/46346/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46346/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46346 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Flowplayer plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after wp-content/plugins/fv-wordpress-flowplayer/view/frontend-head.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.2.4 and reported in version 1.2.11. Prior versions may also be affected. SOLUTION: Update to version 1.2.12 or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Flowplayer: http://wordpress.org/extend/plugins/fv-wordpress-flowplayer/changelog/ http://plugins.trac.wordpress.org/changeset?reponame=&new=413607%40fv-wordpress-flowplayer&old=409594%40fv-wordpress-flowplayer OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 15:05:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 00:05:07 +0200 Subject: [SEC] [SA44310] IBM Lotus Notes Ichitaro Speed Reader Three Vulnerabilities Message-ID: <201110162205.p9GM57Qo015907@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM Lotus Notes Ichitaro Speed Reader Three Vulnerabilities SECUNIA ADVISORY ID: SA44310 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44310/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44310 RELEASE DATE: 2011-10-16 DISCUSS ADVISORY: http://secunia.com/advisories/44310/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44310/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44310 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered some vulnerabilities in IBM Lotus Notes, which can be exploited by malicious people to compromise a user's system. The vulnerabilities are caused due to bundling of vulnerable Autonomy Keyview speed readers. For more information: SA44225 The vulnerabilities are confirmed in version 8.5.2 FP2. Other versions may also be affected. SOLUTION: Update to version 8.5.2 Fix Pack 3 or 8.5.3. PROVIDED AND/OR DISCOVERED BY: Secunia Research ORIGINAL ADVISORY: IBM: http://www.ibm.com/support/docview.wss?uid=swg21566925 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 15:31:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 00:31:03 +0200 Subject: [SEC] [SA46224] VLC Media Player "httpd_ClientRecv()" Denial of Service Vulnerability Message-ID: <201110162231.p9GMV37o006454@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: VLC Media Player "httpd_ClientRecv()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46224 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46224/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46224 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46224/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46224/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46224 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in VLC Media Player, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error within the "httpd_ClientRecv()" function (src/network/httpd.c) and can be exploited to crash the server process by sending specially crafted HTTP or RTSP requests. Successful exploitation requires that the HTTP web interface, HTTP output, RTSP output, or RTSP VoD services are started. The vulnerability is reported in version 1.1.11. Prior versions may also be affected. SOLUTION: Apply patch or update to version 1.1.12 (currently, only the source code and Mac OS X version is available). Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Jouni Knuutinen, Codenomicon Oy. ORIGINAL ADVISORY: http://www.videolan.org/security/sa1107.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 15:53:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 00:53:59 +0200 Subject: [SEC] [SA46336] Oracle Solaris Apache HTTP Server / Apache APR Denial of Service Vulnerabilities Message-ID: <201110162253.p9GMrx18029291@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Apache HTTP Server / Apache APR Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46336 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46336/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46336 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46336/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46336/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46336 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged some vulnerabilities in Solaris, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA44490 SA44558 SA44574 SA44661 SOLUTION: Apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_portable OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 16:18:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 01:18:43 +0200 Subject: [SEC] [SA44273] Symantec Products KeyView Parsers Multiple Vulnerabilities Message-ID: <201110162318.p9GNIh1q019816@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Symantec Products KeyView Parsers Multiple Vulnerabilities SECUNIA ADVISORY ID: SA44273 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44273/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44273 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/44273/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44273/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44273 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in various Symantec products, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to the products bundling vulnerable Autonomy Keyview speed readers. For more information: SA44225 SA44624 SOLUTION: Update to fixed versions. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: Symantec (SYM11-013): http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20111006_00 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 16:54:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 01:54:27 +0200 Subject: [SEC] [SA46320] Iceni Products Flate Compression Parser Buffer Overflow Vulnerability Message-ID: <201110162354.p9GNsRag010860@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Iceni Products Flate Compression Parser Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA46320 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46320/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46320 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46320/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46320/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46320 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Iceni Products, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error when parsing flate compressed PDF files and can be exploited to cause a stack-based buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in the following products: * Argus version 6.20. * Infix PDF Editor version 5.04. SOLUTION: Do not open PDF files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Will Dormann, CERT/CC. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/225833 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 17:21:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 02:21:56 +0200 Subject: [SEC] [SA46335] WordPress User Avatar Plugin "src" Arbitrary File Upload Message-ID: <201110170021.p9H0Lucd001479@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress User Avatar Plugin "src" Arbitrary File Upload SECUNIA ADVISORY ID: SA46335 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46335/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46335 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46335/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46335/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46335 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the User Avatar plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "src" parameter in wp-content/plugins/user-avatar/user-avatar-pic.php is not properly verified before being used to cache files. This can be exploited to upload and execute arbitrary PHP files. This may be related to vulnerability #1 in: SA45416 The vulnerability is reported in versions prior to 1.4. SOLUTION: Update to version 1.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: User Avatar: http://wordpress.org/extend/plugins/user-avatar/changelog/ http://plugins.trac.wordpress.org/changeset/444447/user-avatar/trunk/user-avatar-pic.php?old=360515&old_path=user-avatar%2Ftrunk%2Fuser-avatar-pic.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 17:53:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 02:53:11 +0200 Subject: [SEC] [SA46238] Xoops Cross-Site Scripting and Script Insertion Vulnerabilities Message-ID: <201110170053.p9H0rBKS024782@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Xoops Cross-Site Scripting and Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA46238 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46238/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46238 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46238/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46238/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46238 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered two vulnerabilities in Xoops, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "text" parameter to include/formdhtmltextarea_preview.php (when "html" is set to "1") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "[img]" BBCode tag in the "message" parameter to pmlite.php is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are confirmed in version 2.5.1a. Other versions may also be affected. SOLUTION: Update to version 2.5.3. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23042: https://www.htbridge.ch/advisory/multiple_xss_in_xoops_web_application_platform.html Xoops: http://xoops.org/modules/news/article.php?storyid=6094 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 18:18:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 03:18:03 +0200 Subject: [SEC] [SA44225] Autonomy Keyview Ichitaro Speed Reader Three Vulnerabilities Message-ID: <201110170118.p9H1I3Qc015308@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Autonomy Keyview Ichitaro Speed Reader Three Vulnerabilities SECUNIA ADVISORY ID: SA44225 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/44225/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=44225 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/44225/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/44225/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=44225 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered three vulnerabilities in Autonomy Keyview, which can be exploited by malicious people to compromise a vulnerable system. 1) An integer overflow error in jtdsr.dll when parsing QLST chunks within Ichitaro documents can be exploited to cause a heap-based buffer overflow. 2) A boundary error in jtdsr.dll when parsing Ichitaro documents with a chunk containing "Text" data blocks can be exploited to cause a heap-based buffer overflow. 3) A logic error in jtdsr.dll when reconstructing text data from multiple data blocks in an Ichitaro document can be exploited to cause a heap-based buffer overflow. Successful exploitation of the vulnerabilities allows execution of arbitrary code. The vulnerabilities are confirmed in version 10.3. Other versions may also be affected. SOLUTION: Patches are available for releases 7.4, 9.2, and 10.13. PROVIDED AND/OR DISCOVERED BY: Secunia Research ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2011-69/ http://secunia.com/secunia_research/2011-70/ http://secunia.com/secunia_research/2011-71/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 18:53:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 03:53:47 +0200 Subject: [SEC] [SA46331] Drupal OG Features Module Security Bypass Security Issue Message-ID: <201110170153.p9H1rl31006352@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Drupal OG Features Module Security Bypass Security Issue SECUNIA ADVISORY ID: SA46331 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46331/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46331 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46331/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46331/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46331 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the OG Features module for Drupal, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the module not handling certain local task menu items properly, which can lead to certain otherwise restricted pages being rendered accessible. The security issue is reported in 6.x-1.x versions prior to 6.x-1.2. SOLUTION: Update to version 6.x-1.2 Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Imad Nabli and Ezra Glidesgame. ORIGINAL ADVISORY: SA-CONTRIB-2011-047: http://drupal.org/node/1300642 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 19:28:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 04:28:52 +0200 Subject: [SEC] [SA46344] BlackBerry Tablet OS Flash Player Multiple Vulnerabilities Message-ID: <201110170228.p9H2Sqwt030328@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: BlackBerry Tablet OS Flash Player Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46344 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46344/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46344 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46344/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46344/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46344 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in BlackBerry Tablet OS, which can be exploited by malicious people to conduct cross-site scripting attacks, disclose sensitive information, bypass certain security restrictions, and compromise a user's device. The vulnerabilities are caused due to a vulnerable bundled version of Adobe Flash Player. For more information: SA45583 SA46113 The vulnerabilities are reported in versions 1.0.7.2942 and prior. SOLUTION: Update to version 1.0.7.3312 or later. ORIGINAL ADVISORY: http://www.blackberry.com/btsc/KB28400 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 19:55:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 04:55:01 +0200 Subject: [SEC] [SA46215] concrete5 Path Disclosure Weakness and Cross-Site Scripting Vulnerability Message-ID: <201110170255.p9H2t16F020901@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: concrete5 Path Disclosure Weakness and Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46215 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46215/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46215 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46215/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46215/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46215 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ryan Dewhurst has discovered a weakness and a vulnerability in concrete5, which can be exploited by malicious people to disclose system information and conduct cross-site scripting attacks. 1) Input passed via the "cID" parameter to index.php/tools/blocks/page_list/blog_rss (when "bID" is set) is not properly verified. This can be exploited to disclose the full installation path via an error message when "cID" is set to a non-integer value. 2) Input passed via the "rcID" parameter to index.php/login/forgot_password is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that the victim uses Internet Explorer. The weakness and the vulnerability are confirmed in version 5.4.2.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised and verified. PROVIDED AND/OR DISCOVERED BY: Ryan Dewhurst ORIGINAL ADVISORY: http://www.ethicalhack3r.co.uk/security/concrete5/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 20:17:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 05:17:55 +0200 Subject: [SEC] [SA46304] Red Hat update for kernel Message-ID: <201110170317.p9H3HtJh011329@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA46304 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46304/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46304 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46304/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46304/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46304 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive and certain system information, cause a DoS (Denial of Service), and potentially gain escalated privileges and by malicious people to cause a DoS. For more information: SA43576 SA44094 SA44248 SA44754 SA45533 SA45420 1) An error within the "x86_assign_hw_event()" function (arch/x86/kernel/cpu/perf_event.c) when calculating the base can falsely lead the NMI (Non-Maskable Interrupt) Watchdog to detect a lockup and cause a kernel panic e.g. via the perf tool. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Arun Sharma. ORIGINAL ADVISORY: RHSA-2011:1350-01: https://rhn.redhat.com/errata/RHSA-2011-1350.html Red Hat Bug#719228: https://bugzilla.redhat.com/show_bug.cgi?id=719228 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 20:51:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 05:51:09 +0200 Subject: [SEC] [SA46323] Plone Two Vulnerabilities Message-ID: <201110170351.p9H3p9kE002218@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Plone Two Vulnerabilities SECUNIA ADVISORY ID: SA46323 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46323/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46323 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46323/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46323/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46323 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Plone, which can be exploited by malicious people to compromise a vulnerable system. 1) The application bundles a vulnerable version of Zope. For more information: SA46221 2) An error exits within the CMFEditions component when handling certain KwAsAttributes classes and can be exploited to execute arbitrary commands. The vulnerabilities are reported in versions 4.0 through 4.0.9, 4.1, 4.2a1, and 4.2a2. SOLUTION: Apply Plone Hotfix 20110928. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Alan Hoey. ORIGINAL ADVISORY: http://plone.org/products/plone/security/advisories/20110928 http://plone.org/products/plone-hotfix/releases/20110928 http://pypi.python.org/pypi/Products.PloneHotfix20110928/1.0 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 21:16:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 06:16:09 +0200 Subject: [SEC] [SA46327] Openswan IKE Daemon NULL Pointer Dereference Denial of Service Vulnerability Message-ID: <201110170416.p9H4G92v025194@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Openswan IKE Daemon NULL Pointer Dereference Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46327 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46327/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46327 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46327/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46327/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46327 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Openswan, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error in the "ike_alg_enc_ok()" function (pluto/ike_alg.c) when handling an error during ISAKMP message processing. This can be exploited to cause the pluto IKE daemon to restart via a specially crafted IKE packet with an invalid KEY_LENGTH attribute. Successful exploitation requires the attacker's IP address is allowed to connect (e.g. via a policy) or support for dynamic clients is enabled ("roadwarriors" via right=%any). The vulnerability is reported in versions 2.6.29 through 2.6.35. SOLUTION: Update to version 2.6.36. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.openswan.org/download/CVE-2011-3380/CVE-2011-3380.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 21:50:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 06:50:56 +0200 Subject: [SEC] [SA46306] Red Hat update for openswan Message-ID: <201110170450.p9H4ou7Q016226@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for openswan SECUNIA ADVISORY ID: SA46306 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46306/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46306 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46306/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46306/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46306 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for openswan. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46327 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1356-1: https://rhn.redhat.com/errata/RHSA-2011-1356.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 16 22:16:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 07:16:04 +0200 Subject: [SEC] [SA46334] Drupal Echo Module Unspecified Cross-Site Scripting and Spoofing Vulnerabilities Message-ID: <201110170516.p9H5G4ES006729@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Drupal Echo Module Unspecified Cross-Site Scripting and Spoofing Vulnerabilities SECUNIA ADVISORY ID: SA46334 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46334/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46334 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46334/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46334/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46334 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the Echo module for Drupal, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the URL is not properly verified before being embedded on the site, which can be exploited to conduct spoofing attacks. The vulnerabilities are reported in versions prior to 6.x-1.7, 7.x-1.7, and 8.x-1.7. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Francesco Placella. ORIGINAL ADVISORY: SA-CONTRIB-2011-046: http://drupal.org/node/1300610 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 10:42:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 19:42:26 +0200 Subject: [SEC] [SA46435] WordPress BackWPup Plugin "BackWPupJobTemp" File Inclusion Vulnerability Message-ID: <201110171742.p9HHgQub001459@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress BackWPup Plugin "BackWPupJobTemp" File Inclusion Vulnerability SECUNIA ADVISORY ID: SA46435 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46435/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46435 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46435/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46435/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46435 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sense of Security has discovered a vulnerability in the BackWPup plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed to the "BackWPupJobTemp" parameter in wp-content/plugins/backwpup/job/wp_export_generate.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from remote resources. The vulnerability is confirmed in version 2.1.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Phil Taylor, Sense of Security ORIGINAL ADVISORY: SOS-11-012: http://www.senseofsecurity.com.au/advisories/SOS-11-012 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 11:40:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 20:40:28 +0200 Subject: [SEC] [SA46423] Linux Kernel "apparmor_setprocattr()" Denial of Service Vulnerability Message-ID: <201110171840.p9HIeS6K026100@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Linux Kernel "apparmor_setprocattr()" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46423 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46423/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46423 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46423/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46423/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46423 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the "apparmor_setprocattr()" function (security/apparmor/lsm.c), which can be exploited to trigger a "BUG_ON()" if a process writes malformed data to its "/attr/current" proc file. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Reported in an Ubuntu bug by Emanuel Bronshtein. ORIGINAL ADVISORY: https://bugs.launchpad.net/apparmor/+bug/789409 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a5b2c5b2ad5853591a6cac6134cd0f599a720865 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 12:41:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 21:41:00 +0200 Subject: [SEC] [SA46431] phpMyAdmin "setup.php" Cross-Site Scripting Vulnerability Message-ID: <201110171941.p9HJf0wv018428@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: phpMyAdmin "setup.php" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46431 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46431/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46431 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46431/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46431/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46431 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in phpMyAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain input passed to setup.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. NOTE: Successful exploitation requires that installation best-practices have not been followed and the config directory is left writable. The vulnerability is reported in version 3.4.5. Other versions may also be affected. SOLUTION: Update to version 3.4.6 or apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Jakub Galczyk ORIGINAL ADVISORY: phpMyAdmin: http://www.phpmyadmin.net/home_page/security/PMASA-2011-16.php Jakub Galczyk: http://hauntit.blogspot.com/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 13:36:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 22:36:47 +0200 Subject: [SEC] [SA46389] Logsurfer "prepare_exec()" Double-Free Vulnerability Message-ID: <201110172036.p9HKalw7010493@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Logsurfer "prepare_exec()" Double-Free Vulnerability SECUNIA ADVISORY ID: SA46389 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46389/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46389 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46389/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46389/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46389 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Logsurfer, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a double-free error within the "prepare_exec()" function (src/exec.c), which can be exploited by injecting certain special content into parsed logfiles. The vulnerability is reported in versions 1.7. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Gregor Kopf, Recurity Labs and Jan Kohlrausch, DFN-CERT. ORIGINAL ADVISORY: http://logsurfer.git.sourceforge.net/git/gitweb.cgi?p=logsurfer/logsurfer;a=commit;h=07983748da9ea3d4954b80f02fed692fe21b1134 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 14:34:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 17 Oct 2011 23:34:53 +0200 Subject: [SEC] [SA46382] BlueZone Desktop iSeries Printer ZAP File Processing Buffer Overflow Message-ID: <201110172134.p9HLYrmW002690@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: BlueZone Desktop iSeries Printer ZAP File Processing Buffer Overflow SECUNIA ADVISORY ID: SA46382 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46382/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46382 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46382/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46382/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46382 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in BlueZone Desktop, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error in the iSeries Printer utility (bzap.exe) when processing ZAP files. This can be exploited to cause a heap-based buffer overflow via a specially crafted ".zap" file. Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerability is confirmed in version 5.2C2 Build 1554 (bzap.exe version 5.2.2.1533). Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Reported by Silent_Dream as a DoS only. Additional information about the code execution impact provided by Secunia Research. ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/17982/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 15:09:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 00:09:25 +0200 Subject: [SEC] [SA46442] WordPress WordPress Users Plugin "uid" SQL Injection Vulnerability Message-ID: <201110172209.p9HM9P0x026134@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress WordPress Users Plugin "uid" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46442 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46442/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46442 RELEASE DATE: 2011-10-17 DISCUSS ADVISORY: http://secunia.com/advisories/46442/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46442/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46442 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Wordpress Users plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "uid" parameter to index.php (when "p" is set to the ID of the page displaying the user directory) is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 1.3. Prior versions may also be affected. SOLUTION: Update to version 1.4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://wordpress.org/extend/plugins/wordpress-users/ http://plugins.trac.wordpress.org/changeset/448261/wordpress-users OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 15:42:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 00:42:13 +0200 Subject: [SEC] [SA46433] Gentoo update for unbound Message-ID: <201110172242.p9HMgDNQ017039@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for unbound SECUNIA ADVISORY ID: SA46433 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46433/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46433 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46433/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46433/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46433 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for unbound. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA38888 SA44865 SOLUTION: Update to "net-dns/unbound-1.4.10" or later. ORIGINAL ADVISORY: GLSA 201110-12: http://www.gentoo.org/security/en/glsa/glsa-201110-12.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 16:04:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 01:04:00 +0200 Subject: [SEC] [SA46464] aSgbookPHP URL Cross-Site Scripting Vulnerability Message-ID: <201110172304.p9HN40UV007396@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: aSgbookPHP URL Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46464 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46464/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46464 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46464/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46464/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46464 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in aSgbookPHP, which can be exploited by malicious people to conduct cross-site scripting attacks. Input appended to the URL after index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.9. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: indoushka ORIGINAL ADVISORY: http://packetstormsecurity.org/files/view/105845/asgbookphp-xss.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 16:43:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 01:43:46 +0200 Subject: [SEC] [SA46444] Novell Open Enterprise Server DSfW Group Policy Object Security Bypass Security Issue Message-ID: <201110172343.p9HNhk8l031066@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Novell Open Enterprise Server DSfW Group Policy Object Security Bypass Security Issue SECUNIA ADVISORY ID: SA46444 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46444/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46444 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46444/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46444/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46444 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Novell Open Enterprise Server, which can be exploited by malicious users to bypass certain security restrictions. The security issue is caused due to incorrect permissions on the Group Policy Objects directory and can be exploited to create new files and delete or edit existing non-default policy files. Successful exploitation requires that a DSfW domain is hosted by an OES domain controller and non-default Group Policy Object has been created. The security issue is reported in version OES2 SP3. SOLUTION: Apply workaround (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.novell.com/support/viewContent.do?externalId=7009567 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 17:24:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 02:24:16 +0200 Subject: [SEC] [SA46458] Fedora update for puppet Message-ID: <201110180024.p9I0OG5I022371@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for puppet SECUNIA ADVISORY ID: SA46458 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46458/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46458 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46458/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46458/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46458 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for puppet. This fixes multiple security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA46286 SOLUTION: Apply updated packages via the yum utility ("yum update puppet"). ORIGINAL ADVISORY: FEDORA-2011-13633: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068061.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 17:57:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 02:57:36 +0200 Subject: [SEC] [SA46318] Drupal Rate Module "content_type" Cross-Site Scripting Vulnerability Message-ID: <201110180057.p9I0vaek013328@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Drupal Rate Module "content_type" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46318 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46318/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46318 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46318/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46318/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46318 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Rate module for Drupal, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "content_type" parameter to index.php (when "q" is set to "rate/vote/js") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in 6.x-1.x versions prior to 6.x-1.3. SOLUTION: Update to version 6.x-1.3 Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Zakaria Rachid. ORIGINAL ADVISORY: SA-CONTRIB-2011-045: http://drupal.org/node/1300558 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 18:38:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 03:38:57 +0200 Subject: [SEC] [SA46319] Movable Type A-Form Plugins Cross-Site Scripting and Security Bypass Vulnerabilities Message-ID: <201110180138.p9I1cvTV004647@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Movable Type A-Form Plugins Cross-Site Scripting and Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA46319 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46319/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46319 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46319/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46319/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46319 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the A-Form plugins for Movable Type, which can be exploited by malicious people to conduct cross-site scripting attacks and bypass certain security restrictions. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Note: This vulnerability only affects "A-Form PC" and "A-Form PC/Mobile". 2) An error in the application can be exploited to bypass certain security restrictions and change information managed by the A-Form plugin. The vulnerabilities are reported in the following versions: * A-Form and A-Form Bamboo prior to version 1.3.6 * A-Form and A-Form Bamboo prior to version 2.0.3 * A-Form PC and A-Form PC/Mobile prior to version 3.1 SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: ARK-Web (Japanese): http://www.ark-web.jp/movabletype/a-form/docs/security_patch.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 19:11:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 04:11:35 +0200 Subject: [SEC] [SA46300] MyBB Compromised Source Packages Backdoor Security Issue Message-ID: <201110180211.p9I2BZxi028113@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: MyBB Compromised Source Packages Backdoor Security Issue SECUNIA ADVISORY ID: SA46300 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46300/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46300 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46300/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46300/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46300 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in MyBB, which can be exploited by malicious people to compromise a vulnerable system. The security issue is caused due to the distribution of compromised MyBB source code packages containing a backdoor, which can be exploited to e.g. execute arbitrary PHP code. The compromised source file was distributed with versions 1.6.4 on October 6th, 2011 and prior. SOLUTION: Manually download and install the latest version. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: MyBB: http://blog.mybb.com/2011/10/06/1-6-4-security-vulnerabilit/ http://blog.mybb.com/wp-content/uploads/2011/10/mybb_1604_patches.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 19:51:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 04:51:03 +0200 Subject: [SEC] [SA46302] Tine 2.0 "file" Cross-Site Scripting Vulnerabilities Message-ID: <201110180251.p9I2p3QT019697@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Tine 2.0 "file" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA46302 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46302/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46302 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46302/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46302/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46302 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in Tine 2.0, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain input passed via the "file" parameter to the phpexcel and idnaconvert libraries is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. SOLUTION: Update to version Maisha released on October 4th, 2011. PROVIDED AND/OR DISCOVERED BY: The vendor credits High-Tech Bridge SA. ORIGINAL ADVISORY: Tine: http://forge.tine20.org/mantisbt/changelog_page.php?version_id=138 http://forge.tine20.org/mantisbt/view.php?id=4916 http://forge.tine20.org/mantisbt/bug_revision_view_page.php?rev_id=1540#r1540 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 20:15:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 05:15:10 +0200 Subject: [SEC] [SA46274] Debian update for quagga Message-ID: <201110180315.p9I3FAJ2010173@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for quagga SECUNIA ADVISORY ID: SA46274 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46274/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46274 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46274/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46274/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46274 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46139 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2316-1: http://www.debian.org/security/2011/dsa-2316 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 20:50:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 05:50:41 +0200 Subject: [SEC] [SA46333] Drupal Petition Node Module Script Insertion Vulnerability Message-ID: <201110180350.p9I3ofO8001188@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Drupal Petition Node Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46333 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46333/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46333 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46333/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46333/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46333 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Petition Node module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain input when signing a petition is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires permissions to sign petitions. The vulnerability is reported in versions prior to 6.x-1.5. SOLUTION: Update to version 6.x-1.5 Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits galooph. ORIGINAL ADVISORY: SA-CONTRIB-2011-043: http://drupal.org/node/1300238 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 21:16:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 06:16:33 +0200 Subject: [SEC] [SA46362] Debian update for policykit-1 Message-ID: <201110180416.p9I4GXVB024215@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for policykit-1 SECUNIA ADVISORY ID: SA46362 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46362/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46362 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46362/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46362/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46362 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for policykit-1. This fixes a security issue, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA44266 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2319-1: http://www.debian.org/security/2011/dsa-2319 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 21:55:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 06:55:49 +0200 Subject: [SEC] [SA46321] Cybozu Office Attendance Information Security Bypass Vulnerability Message-ID: <201110180455.p9I4tn8Y015453@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cybozu Office Attendance Information Security Bypass Vulnerability SECUNIA ADVISORY ID: SA46321 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46321/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46321 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46321/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46321/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46321 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cybozu Office, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to the application not properly verifying privileges and can be exploited to view other user's attendance information. The vulnerability is reported in versions prior to 8.0.0. SOLUTION: Upgrade to version 9. PROVIDED AND/OR DISCOVERED BY: JVN credits Masako Ohno. ORIGINAL ADVISORY: JVN (English): http://jvn.jp/en/jp/JVN84838479/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000079.html JVN (Japanese): http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000079.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 17 22:15:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 07:15:25 +0200 Subject: [SEC] [SA46307] Spree "search[send][]" Command Execution Vulnerability Message-ID: <201110180515.p9I5FPGk005700@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Spree "search[send][]" Command Execution Vulnerability SECUNIA ADVISORY ID: SA46307 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46307/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46307 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46307/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46307/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46307 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Spree, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "search[send][]" parameter is not properly verified before being used in the ProductScope class, which can be exploited to execute arbitrary commands via specially crafted requests. The vulnerability is reported in versions prior to 0.60.2. SOLUTION: Update to version 0.60.2 or later. PROVIDED AND/OR DISCOVERED BY: The vendor credits joernchen, Phenoelit. ORIGINAL ADVISORY: Spree: http://spreecommerce.com/blog/2011/10/05/remote-command-product-group/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 10:38:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 19:38:14 +0200 Subject: [SEC] [SA46455] ClamAV Recursion Level Handling Vulnerability Message-ID: <201110181738.p9IHcEIr032703@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: ClamAV Recursion Level Handling Vulnerability SECUNIA ADVISORY ID: SA46455 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46455/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46455 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46455/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46455/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46455 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. The vulnerability is caused due to errors related to the handling of recursion levels within the "cli_bcapi_extract_new()" (libclamav/bytecode_api.c) and "cli_bytecode_runhook()" (libclamav/bytecode.c) functions, which can be exploited to e.g. cause a crash via specially crafted files. The vulnerability is reported in version 0.97.2. Prior versions may also be affected. SOLUTION: Update to version 0.97.3. PROVIDED AND/OR DISCOVERED BY: The vendor credits Stephane Chazelas. ORIGINAL ADVISORY: http://git.clamav.net/gitweb?p=clamav-devel.git;a=commitdiff;h=3d664817f6ef833a17414a4ecea42004c35cc42f http://git.clamav.net/gitweb?p=clamav-devel.git;a=blob_plain;f=ChangeLog;hb=clamav-0.97.3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 11:36:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 20:36:23 +0200 Subject: [SEC] [SA46463] TYPO3 phpMyAdmin Extension Cross-Site Scripting Vulnerability Message-ID: <201110181836.p9IIaNa8024902@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: TYPO3 phpMyAdmin Extension Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46463 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46463/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46463 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46463/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46463/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46463 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the phpMyAdmin extension for TYPO3, which can be exploited malicious people to conduct cross-site scripting attacks. For more information: SA46431 The vulnerability is reported in versions 4.11.5 and prior. SOLUTION: Update to version 4.11.6. PROVIDED AND/OR DISCOVERED BY: Reported in the standalone version of phpMyAdmin by Jakub Galczyk. ORIGINAL ADVISORY: TYPO3-EXT-SA-2011-014: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-014/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 12:35:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 21:35:40 +0200 Subject: [SEC] [SA46421] Joomla! Information Disclosure Vulnerabilities Message-ID: <201110181935.p9IJZemA017162@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! Information Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA46421 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46421/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46421 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46421/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46421/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46421 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Joomla!, which can be exploited by malicious people to disclose potentially sensitive information. 1) An error due to weak encryption can be exploited to disclose potentially sensitive information. This vulnerability is reported in versions prior to 1.5.24 and prior to 1.7.2. 2) Insufficient error checking can be exploited to disclose potentially sensitive information. This vulnerability is reported in versions prior to 1.7.2. SOLUTION: Update to version 1.5.24 or 1.7.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Jeff Channell 2) Aung Khant, YGN Ethical Hacker Group ORIGINAL ADVISORY: Joomla!: http://developer.joomla.org/security/news/370-20111001-core-information-disclosure http://developer.joomla.org/security/news/371-20111002-core-information-disclosure http://developer.joomla.org/security/news/372-20111003-core-information-disclosure OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 13:37:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 22:37:30 +0200 Subject: [SEC] [SA46439] SUSE update for kdelibs4 Message-ID: <201110182037.p9IKbUXL009533@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for kdelibs4 SECUNIA ADVISORY ID: SA46439 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46439/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46439 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46439/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46439/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46439 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for kdelibs4. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA46157 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1135-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00013.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 14:29:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 23:29:49 +0200 Subject: [SEC] [SA46454] SUSE update for tomcat6 Message-ID: <201110182129.p9ILTnss001404@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for tomcat6 SECUNIA ADVISORY ID: SA46454 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46454/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46454 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46454/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46454/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46454 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for tomcat6. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information and bypass certain security restrictions. For more information: SA45748 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1134-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00012.html SUSE-SU-2011:1117-2: https://hermes.opensuse.org/messages/12108112 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 14:50:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 18 Oct 2011 23:50:23 +0200 Subject: [SEC] [SA46451] SUSE update for popt Message-ID: <201110182150.p9ILoN6I024162@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for popt SECUNIA ADVISORY ID: SA46451 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46451/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46451 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46451/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46451/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46451 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for popt. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information see vulnerability #1 in: SA46096 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1140-1: http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00006.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 15:15:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 00:15:50 +0200 Subject: [SEC] [SA46450] SUSE update for libreoffice Message-ID: <201110182215.p9IMFof7014710@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for libreoffice SECUNIA ADVISORY ID: SA46450 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46450/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46450 RELEASE DATE: 2011-10-18 DISCUSS ADVISORY: http://secunia.com/advisories/46450/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46450/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46450 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libreoffice. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA44996 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1143-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00017.html openSUSE-SU-2011:1143-2: http://lists.opensuse.org/opensuse-updates/2011-10/msg00019.html SUSE-SU-2011:1148-1: https://hermes.opensuse.org/messages/12111048 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 15:51:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 00:51:39 +0200 Subject: [SEC] [SA46452] SUSE update for libopenssl Message-ID: <201110182251.p9IMpd91005761@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for libopenssl SECUNIA ADVISORY ID: SA46452 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46452/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46452 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46452/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46452/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46452 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libopenssl. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). For more information: SA45781 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1144-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00018.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 16:18:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 01:18:29 +0200 Subject: [SEC] [SA46425] SUSE update for php5 Message-ID: <201110182318.p9INITxh028806@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for php5 SECUNIA ADVISORY ID: SA46425 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46425/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46425 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46425/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46425/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46425 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for php5. This fixes two vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA44874 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1137-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00014.html openSUSE-SU-2011:1138-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00015.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 16:53:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 01:53:33 +0200 Subject: [SEC] [SA46449] SUSE update for wireshark Message-ID: <201110182353.p9INrX6X019832@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for wireshark SECUNIA ADVISORY ID: SA46449 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46449/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46449 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46449/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46449/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46449 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for wireshark. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA44449 SA45086 SA45927 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1142-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00016.html SUSE-SU-2011:1145-1: https://hermes.opensuse.org/messages/12108923 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 17:22:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 02:22:47 +0200 Subject: [SEC] [SA46443] GNUBoard URL SQL Injection Vulnerability Message-ID: <201110190022.p9J0MlZi010549@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: GNUBoard URL SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46443 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46443/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46443 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46443/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46443/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46443 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: flyh4t has discovered a vulnerability in GNUBoard, which can be exploited by malicious people to conduct SQL injection attacks. Input appended to the URL after bbs/tb.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 4.34.14. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: flyh4t OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 17:58:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 02:58:34 +0200 Subject: [SEC] [SA46448] SUSE update for cups Message-ID: <201110190058.p9J0wY9g001586@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for cups SECUNIA ADVISORY ID: SA46448 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46448/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46448 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46448/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46448/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46448 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for cups. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks and potentially compromise a vulnerable system. For more information: SA40165 SA45713 SA45796 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1136-1: https://hermes.opensuse.org/messages/12106220 SUSE-SU-2011:1136-2: https://hermes.opensuse.org/messages/12111509 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 18:48:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 03:48:11 +0200 Subject: [SEC] [SA46438] Microsoft Office Publisher Document Insertion Buffer Overflow Vulnerability Message-ID: <201110190148.p9J1mBTV025804@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Microsoft Office Publisher Document Insertion Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA46438 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46438/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46438 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46438/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46438/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46438 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Core Security Technologies has reported a vulnerability in Microsoft Office Publisher 2007, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the pubconv.dll library when inserting content into a document. This can be exploited to cause a stack-based buffer overflow via a specially crafted ".pub" file. Successful exploitation may allow execution of arbitrary code, but requires tricking a user into inserting a malicious file into a document. The vulnerability is reported in version 12.0.6546.5000. Other versions may also be affected. SOLUTION: Do not use content from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Daniel Kazimirow, Core Security Technologies. ORIGINAL ADVISORY: Core Security Technologies (CORE-2011-0106): http://www.coresecurity.com/content/publisher-pubconv-memory-corruption OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 19:30:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 04:30:15 +0200 Subject: [SEC] [SA46374] Ubuntu update for php5 Message-ID: <201110190230.p9J2UFMa017660@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for php5 SECUNIA ADVISORY ID: SA46374 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46374/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46374 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46374/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46374/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46374 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for php5. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA39675 SA44874 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1231-1: http://www.ubuntu.com/usn/usn-1231-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 19:55:37 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 04:55:37 +0200 Subject: [SEC] [SA46453] SUSE update for libopenssl Message-ID: <201110190255.p9J2tbff008175@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for libopenssl SECUNIA ADVISORY ID: SA46453 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46453/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46453 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46453/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46453/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46453 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for libopenssl. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information see vulnerability #2 in: SA45781 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1146-1: https://hermes.opensuse.org/messages/12109561 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 20:19:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 05:19:03 +0200 Subject: [SEC] [SA46420] Asterisk SIP Channel Driver Uninitialised Variables Denial of Service Vulnerability Message-ID: <201110190319.p9J3J35W031035@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Asterisk SIP Channel Driver Uninitialised Variables Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46420 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46420/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46420 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46420/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46420/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46420 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Asterisk, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to the use of uninitialised variables within the SIP channel driver when parsing certain requests, which can be exploited to cause a crash by sending specially crafted requests. The vulnerability is reported in Asterisk versions 1.8.x prior to 1.8.7.1. SOLUTION: Update to version 1.8.7.1 or apply patches. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Ehsan Foroughi. ORIGINAL ADVISORY: AST-2011-012: http://downloads.asterisk.org/pub/security/AST-2011-012.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 20:52:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 05:52:41 +0200 Subject: [SEC] [SA46468] HP Data Protector Multiple Unspecified Vulnerabilities Message-ID: <201110190352.p9J3qfPY021978@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: HP Data Protector Multiple Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA46468 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46468/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46468 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46468/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46468/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46468 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in HP Data Protector, which can be exploited by malicious people to compromise a vulnerable system. The vulnerabilities are caused due to unspecified errors. No further information is currently available. Successful exploitation may allow execution of arbitrary code. The vulnerabilities are reported in the following versions: * HP Data Protector Notebook Extension prior to 6.20. * HP Data Protector for PCs 7.0. SOLUTION: Apply the DPPCWIN_00001 patch. PROVIDED AND/OR DISCOVERED BY: The vendor credits Andrea Micalizzi aka rgod via ZDI. ORIGINAL ADVISORY: HPSBMP02713 SSRT100651: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03054543 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 21:17:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 06:17:49 +0200 Subject: [SEC] [SA46467] WordPress WP Photo Album Plus Plugin "wppa-album" SQL Injection Vulnerability Message-ID: <201110190417.p9J4Hn0X012519@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress WP Photo Album Plus Plugin "wppa-album" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46467 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46467/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46467 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46467/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46467/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46467 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the WP Photo Album Plus plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "wppa-album" parameter to index.php (when "page_id" or "p" is set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 4.1.1. Prior versions may also be affected. SOLUTION: Update to version 4.2.0. PROVIDED AND/OR DISCOVERED BY: Skraps ORIGINAL ADVISORY: WP Photo Album Plus: http://wordpress.org/extend/plugins/wp-photo-album-plus/changelog/ http://plugins.trac.wordpress.org/changeset?reponame=&new=452020%40wp-photo-album-plus&old=451943%40wp-photo-album-plus OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 21:52:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 06:52:24 +0200 Subject: [SEC] [SA46409] SUSE update for cups Message-ID: <201110190452.p9J4qOv5003503@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for cups SECUNIA ADVISORY ID: SA46409 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46409/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46409 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46409/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46409/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46409 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for cups. This fixes multiple vulnerabilities, which can be exploited by malicious people to conduct cross-site request forgery attacks, cause a DoS (Denial of Service), and potentially compromise a vulnerable system. For more information: SA40165 SA45713 SA45796 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1149-1: https://hermes.opensuse.org/messages/12111069 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 18 22:19:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 07:19:13 +0200 Subject: [SEC] [SA46461] Piwik Multiple Unspecified Vulnerabilities Message-ID: <201110190519.p9J5JDO7026524@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Piwik Multiple Unspecified Vulnerabilities SECUNIA ADVISORY ID: SA46461 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46461/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46461 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46461/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46461/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46461 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities with an unknown impact have been reported in Piwik. The vulnerabilities are caused due to unspecified errors. No further information is currently available. The vulnerabilities are reported in versions prior to 1.6. SOLUTION: Update to version 1.6. PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Piwik 1.6 release notes only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: http://piwik.org/blog/2011/10/piwik-1-6/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 10:35:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 19:35:59 +0200 Subject: [SEC] [SA46488] Ubuntu update for krb5 Message-ID: <201110191735.p9JHZxZa020816@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for krb5 SECUNIA ADVISORY ID: SA46488 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46488/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46488 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46488/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46488/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46488 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for krb5. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46494 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1233-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001448.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 11:37:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 20:37:22 +0200 Subject: [SEC] [SA46527] Oracle OpenSSO Two Vulnerabilities Message-ID: <201110191837.p9JIbM9h013173@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle OpenSSO Two Vulnerabilities SECUNIA ADVISORY ID: SA46527 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46527/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46527 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46527/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46527/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46527 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged two vulnerabilities in Oracle OpenSSO, which can be exploited by malicious people to manipulate certain data and cause a DoS (Denial of Service). 1) An unspecified error within the Authentication component can be exploited to manipulate certain data. 2) An unspecified error within the Authentication component can be exploited to cause a DoS. The vulnerabilities are reported in version 8.0. SOLUTION: Apply updates (see vendor's advisory for additional information). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for October 2010 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 12:50:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 21:50:32 +0200 Subject: [SEC] [SA46528] Oracle OpenSSO Data Manipulation Vulnerability Message-ID: <201110191950.p9JJoWmq006116@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle OpenSSO Data Manipulation Vulnerability SECUNIA ADVISORY ID: SA46528 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46528/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46528 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46528/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46528/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46528 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Oracle OpenSSO, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to an error within the Authentication component. For more information see vulnerability #1 in: SA46527 The vulnerability is reported in version 7.1. SOLUTION: Apply updates (see vendor's advisory for additional information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 13:35:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 22:35:40 +0200 Subject: [SEC] [SA46483] Yet Another CMS Two SQL Injection Vulnerabilities Message-ID: <201110192035.p9JKZeUe030077@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Yet Another CMS Two SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46483 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46483/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46483 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46483/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46483/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46483 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Stefan Schurtz has discovered two vulnerabilities in Yet Another CMS, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "page" parameter to index.php and "pattern" POST parameter to search.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Note: The vulnerabilities can further be exploited to conduct cross-site scripting attacks via SQL error messages. The vulnerabilities are confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Stefan Schurtz ORIGINAL ADVISORY: http://www.rul3z.de/advisories/SSCHADV2011-031.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 14:31:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 19 Oct 2011 23:31:40 +0200 Subject: [SEC] [SA46466] Novell ZENworks Configuration Management AdminStudio ActiveX Controls Vulnerabilities Message-ID: <201110192131.p9JLVei9022179@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Novell ZENworks Configuration Management AdminStudio ActiveX Controls Vulnerabilities SECUNIA ADVISORY ID: SA46466 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46466/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46466 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46466/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46466/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46466 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Novell ZENworks Configuration Management, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error in the "DoFindReplace()" method within the SIGrid.Grid.1 ActiveX control can be exploited via certain input passed in the "bstrReplaceText" parameter. 2) An unspecified error exists in the Antique ActiveX control. No further information is currently available. 3) An unspecified error exists in the help.Dall ActiveX control related to the Launch process functionality. No further information is currently available. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are reported in the following products: * Novell ZENworks 10 Configuration Management with Support Pack 2 - 10.2 * Novell ZENworks 10 Configuration Management with Support Pack 3 - 10.3 * Novell ZENworks 11 Configuration Management Support Pack 1 - ZCM 11 SP SOLUTION: Apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits TippingPoint. ORIGINAL ADVISORY: Novell: http://www.novell.com/support/viewContent.do?externalId=7009570 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 15:04:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 00:04:04 +0200 Subject: [SEC] [SA46522] Oracle Solaris Multiple Vulnerabilities Message-ID: <201110192204.p9JM44qS013091@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46522 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46522/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46522 RELEASE DATE: 2011-10-19 DISCUSS ADVISORY: http://secunia.com/advisories/46522/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46522/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46522 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Solaris, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service), by malicious users to cause a DoS, and by malicious people to cause a DoS and potentially compromise a vulnerable system. 1) An unspecified error in the LDAP library can be potentially exploited to compromise a vulnerable system. The vulnerability is reported in versions 8, 9, 10, and 11 Express. 2) An unspecified error in the iSCSI DataMover (IDM) component can be exploited to cause a DoS. This vulnerability is reported in version 11 Express. 3) An unspecified error in the Process File System (procfs) component can be exploited to manipulate certain data or cause a DoS. This vulnerability is reported in versions 10 and 11 Express. 4) An unspecified error in the Network Status Monitor (statd(1M)) component can be exploited to cause a DoS. 5) An unspecified error in the Remote Quota Server (rquotad(1M)) component can be exploited to cause a DoS. 6) An unspecified error in the Kernel/Filesystem component can be exploited to cause a DoS. Vulnerabilities #4 through #6 are reported in versions 8, 9, 10, and 11 Express. 7) An unspecified error in the Kernel/Performance Counter BackEnd Module (pcbe) component can be exploited to cause a DoS. This vulnerability is reported in versions 10 and 11 Express. 8) An unspecified error in the ZFS component can be exploited by malicious, local users to cause a DoS. 9) An unspecified error in the Network Services Library (libnsl(3LIB)) component can be exploited to disclose certain information. Vulnerabilities #8 and #9 are reported in version 10. 10) An unspecified error in the xscreensaver component can be exploited by malicious, local users to disclose or manipulate certain information. This vulnerability is reported in versions 9 and 11 Express. 11) An unspecified error in the ZFS component can be exploited to cause a DoS. This vulnerability is reported in versions 10 and 11 Express. 12) An unspecified error in the DTrace Software Library (libdtrace(3LIB) can be exploited to cause a DoS. 13) An unspecified error in the ZFS component can be exploited to cause a DoS. 14) An unspecified error in the ZFS component can be exploited to disclose certain information. Vulnerabilities #12 through #14 are reported in version 10. 15) An unspecified error in the Zones component can be exploited to cause a DoS. This vulnerability is reported in versions 10 and 11 Express. SOLUTION: Apply patches (see vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerabilities as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporters provide more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 15:29:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 00:29:43 +0200 Subject: [SEC] [SA46500] Dolphin "iIDcat" SQL Injection Vulnerability Message-ID: <201110192229.p9JMThLn003604@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Dolphin "iIDcat" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46500 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46500/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46500 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46500/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46500/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46500 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Yuri Goltsev has discovered a vulnerability in Dolphin, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "iIDcat" parameter to xml/get_list.php (when "dataType" is set to "ApplyChanges" and "iNumb" is set to "1") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 6.1.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Yuri Goltsev, Positive Research Center. ORIGINAL ADVISORY: http://en.securitylab.ru/lab/PT-2011-14 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 15:53:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 00:53:59 +0200 Subject: [SEC] [SA46524] Oracle Sun Java System Application Server Denial of Service Vulnerability Message-ID: <201110192253.p9JMrx37026515@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Sun Java System Application Server Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46524 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46524/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46524 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46524/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46524/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46524 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Sun Java System Application Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the Web Container component. For more information: SA46523 The vulnerability is reported in Sun Java System Application Server version 8.1 and 8.2. SOLUTION: Apply patches (see vendor's advisory for additional details). ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 16:18:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 01:18:02 +0200 Subject: [SEC] [SA46523] Oracle Glassfish Products Denial of Service Vulnerability Message-ID: <201110192318.p9JNI23G016985@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Glassfish Products Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46523 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46523/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46523 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46523/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46523/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46523 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Glassfish Communications Server and Glassfish Enterprise Server, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error within the Web Container component. The vulnerability is reported in Glassfish Communications Server version 2.0 and GlassFish Enterprise Server 2.1.1, 3.0.1, and 3.1.1. SOLUTION: Apply patches (see vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 16:50:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 01:50:22 +0200 Subject: [SEC] [SA46481] Red Hat update for java-1.6.0-openjdk Message-ID: <201110192350.p9JNoMT7007875@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-openjdk SECUNIA ADVISORY ID: SA46481 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46481/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46481 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46481/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46481/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46481 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA46512 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1380-1: https://rhn.redhat.com/errata/RHSA-2011-1380.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 17:18:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 02:18:46 +0200 Subject: [SEC] [SA46509] Oracle Integrated Lights Out Manager Information Disclosure Vulnerability Message-ID: <201110200018.p9K0IkcT030995@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Integrated Lights Out Manager Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA46509 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46509/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46509 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46509/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46509/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46509 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Sun Integrated Lights Out Manager, which can be exploited by malicious, local users to gain knowledge of potentially sensitive information. The vulnerability is caused due to an unspecified error within the Integrated Lights Out Manager CLI component and can be exploited locally to disclose certain sensitive information. The vulnerability is reported in SPARC T3-1, SPARC T3-1B, SPARC T3-4, Netra SPARC T3-1, Netra SPARC T3-1B, Sun Blade x6270, Sun Blade x6270 M2, Sun Blade X6275, Sun Blade X6275 M2, Sun Blade X6440 M2, Sun Blade X6450, Sun Fire X2270 M2, Sun Fire X2270, Sun Fire X4170 M2, Sun Fire X4170, Sun Fire X4270 M2, Sun Fire X4270, Sun Fire x4470 M2, Sun Fire x4470 running SysFW 8.0 for SPARC T3. SOLUTION: Apply updates (see vendor's advisory for additional information). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 17:51:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 02:51:19 +0200 Subject: [SEC] [SA46526] Oracle Communications Unified Two Vulnerabilities Message-ID: <201110200051.p9K0pJiQ021893@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Communications Unified Two Vulnerabilities SECUNIA ADVISORY ID: SA46526 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46526/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46526 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46526/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46526/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46526 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged two vulnerabilities in Oracle Communications Unified, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious users to manipulate certain data. 1) An unspecified error within the "Messaging Server" component can be exploited to manipulate certain data. 2) An unspecified error within the "Delegated Administrator" component can be exploited to disclose certain information. The vulnerabilities are reported in version 7.0. SOLUTION: Apply updates (see vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 18:16:03 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 03:16:03 +0200 Subject: [SEC] [SA46517] Oracle Business Intelligence BI Platform Security Unspecified Vulnerability Message-ID: <201110200116.p9K1G3Xn012401@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Business Intelligence BI Platform Security Unspecified Vulnerability SECUNIA ADVISORY ID: SA46517 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46517/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46517 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46517/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46517/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46517 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Business Intelligence, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data. The vulnerability is caused due to an unspecified error in the BI Platform Security component. No further information is currently available. The vulnerability is reported in versions 11.1.1.3.0 and 11.1.1.5.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 18:51:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 03:51:14 +0200 Subject: [SEC] [SA46519] Oracle WebLogic Portal Unspecified Vulnerability Message-ID: <201110200151.p9K1pEpw003420@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle WebLogic Portal Unspecified Vulnerability SECUNIA ADVISORY ID: SA46519 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46519/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46519 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46519/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46519/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46519 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle WebLogic Portal, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in versions 9.2.3.0, 10.0.1.0, 10.2.1.0, and 10.3.2.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 19:22:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 04:22:08 +0200 Subject: [SEC] [SA46516] Oracle Application Server Multiple Vulnerabilities Message-ID: <201110200222.p9K2M8FU027122@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Application Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46516 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46516/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46516 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46516/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46516/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46516 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Application Server, which can be exploited by malicious users and malicious people to manipulate certain data. 1) An unspecified error in the JavaServer Pages within the Oracle Containers for J2EE component can be exploited to manipulate some data. 2) An unspecified error in the WSM Console component can be exploited by authenticated users to manipulate some data. 3) A second unspecified error in the WSM Console component can be exploited by authenticated users to manipulate some data. The vulnerabilities are reported in the following products: * Oracle Application Server 10g Release 3 version 10.1.3.5.0. * Oracle Application Server 10g Release 2 version 10.1.2.3.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 19:51:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 04:51:54 +0200 Subject: [SEC] [SA46520] Oracle WebLogic Server Information Disclosure and Privilege Escalation Vulnerabilities Message-ID: <201110200251.p9K2psD8017874@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle WebLogic Server Information Disclosure and Privilege Escalation Vulnerabilities SECUNIA ADVISORY ID: SA46520 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46520/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46520 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46520/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46520/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46520 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle WebLogic Server, which can be exploited by malicious, local users to perform certain actions with escalated privileges and by malicious people to disclose potentially sensitive information. 1) An unspecified error in the Web Services component can be exploited to disclose certain data. 2) An unspecified error in the JMS component can be exploited to disclose certain data. 3) An unspecified error in the WLS Security component can be exploited by local users to gain read access to some WebLogic Server accessible data. The vulnerabilities are reported in versions 9.2.4, 10.0.2, 11gR1 (10.3.3, 10.3.4, 10.3.5). SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 20:17:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 05:17:48 +0200 Subject: [SEC] [SA46512] Oracle Java SE Multiple Vulnerabilities Message-ID: <201110200317.p9K3HmaQ008424@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Java SE Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46512 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46512/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46512 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46512/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46512/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46512 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Java SE, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) A design error in the Secure Sockets Layer 3.0 (SSL) and Transport Layer Security 1.0 (TLS) protocols can be exploited to disclose potentially sensitive information via e.g. a Man-in-the-Middle (MitM) attack. 2) An error in the Deployment component may allow execution of arbitrary code in a client deployment via e.g untrusted applets. This vulnerability affects Windows based platforms only. 3) An error in the Deserialization component may allow execution of arbitrary code in a client deployment via e.g. untrusted applets. 4) An error in the Scripting component may allow execution of arbitrary code in a client deployment via e.g. untrusted applets. 5) An error in the Sound component may allow execution of arbitrary code in a client and server deployment via e.g untrusted applets or data sent to APIs through a web service. 6) An error in the Deployment component can be exploited to disclose and manipulate certain data in a client deployment via e.g. untrusted applets. 7) An error in the Networking component can be exploited to disclose certain data in a client deployment via e.g. untrusted applets. 8) An error in the AWT component may allow execution of arbitrary code in a client deployment via e.g. untrusted applets. 9) An error in the Swing component may allow execution of arbitrary code in a client deployment via e.g. untrusted applets. 10) An error in the AWT component may allow execution of arbitrary code in a client deployment via e.g. untrusted applets. 11) An error in the 2D component may allow execution of arbitrary code in a client and server deployment via e.g untrusted applets or data sent to APIs through a web service. 12) The java.net.Socket API does not properly limit the number of concurrent UDP sockets, which can be exploited to conduct DNS cache poisoning attacks by exhausting available sockets by e.g. tricking a user into visiting a website containing malicious applets. This may be related to vulnerability #19 in: SA43262 13) An error in the JAXWS component can be exploited to disclose certain data in a server deployment via e.g. data sent to APIs through a web service. 14) An error in the Java Runtime Environment component may allow execution of arbitrary code in a client deployment via e.g. untrusted applets. 15) An error in the Java Runtime Environment component can be exploited to manipulate certain data and cause a DoS in a client deployment via e.g. untrusted applets. 16) An error in the RMI component can be exploited to disclose and manipulate certain data and to cause a DoS in a RMI server deployment. 17) An error in the RMI component can be exploited to disclose and manipulate certain data and to cause a DoS in a RMI server deployment. 18) An error in the HotSpot component can be exploited to disclose certain data in a client deployment via e.g. untrusted applets. 19) An error in the JSSE component can be exploited to disclose and manipulate certain data in a client deployment via e.g. untrusted applets. 20) An error in the Deployment component can be exploited to disclose certain data in a client deployment via e.g. untrusted applets. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 12) Roee Hay and Yair Amit, IBM Rational Application Security Research Group It is currently unclear who reported the remaining vulnerabilities as the Oracle Java SE Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html IBM: http://blog.watchfire.com/files/dnsp_port_exhaustion.pdf http://roeehay.blogspot.com/2011/10/dns-poisoning-via-port-exhaustion.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 20:50:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 05:50:28 +0200 Subject: [SEC] [SA46521] Oracle JRockit Multiple Vulnerabilities Message-ID: <201110200350.p9K3oSkG031769@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle JRockit Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46521 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46521/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46521 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46521/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46521/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46521 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged multiple vulnerabilities in Oracle JRockit, which can be exploited by malicious people to hijack a user's session, disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA46512 SOLUTION: Apply updates (please see the vendor's advisory for details). ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 21:17:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 06:17:00 +0200 Subject: [SEC] [SA46427] Moodle Multiple Vulnerabilities Message-ID: <201110200417.p9K4H0XZ022358@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Moodle Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46427 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46427/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46427 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46427/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46427/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46427 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple weaknesses and vulnerabilities have been reported in Moodle, which can be exploited by malicious users to bypass certain security restrictions, disclose potentially sensitive data, conduct script insertion attacks, manipulate certain data, and to cause a DoS (Denial of Service) and by malicious people to bypass certain security restrictions and conduct cross-site scripting and cross-site request forgery attacks. 1) The weakness is caused due the chat feature allowing chat users to enumerate the full names of users. 2) The weakness is caused due to the global search feature not properly enforcing authorisation when being accessed through URLs directly. The weaknesses #1 and #2 do not affect the 1.9.x versions. 3) Incorrect handling of the return code of the "openssl_verify()" function within the MNET feature can be exploited to bypass SSL certificate validation. 4) A weakness in the Cookie-less session feature can potentially be exploited to bypass certain security restrictions. NOTE: The weakness affects the 1.9.x versions in the case of misconfiguration only. 5) An unspecified error can be exploited to disclose user names to unintended user groups. 6) Certain form data related to course section editing is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. This vulnerability does not affect the 2.x versions. 7) Due to an error during installation procedures, a certain secret value related to community hubs is not set. 8) The Box.net plugin does not implement the OAuth authentication features of the application. 9) An error within the category and course areas of the server files section can be exploited to disclose certain file information to unintended user groups. 10) Input passed to the "section" parameter is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 11) Certain input related to wiki comments is not properly sanitised before being used. This can be exploited to insert HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed. 12) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. perform certain actions on links when a logged-in user visits a specially crafted web page. The vulnerabilities #7 through #12 do not affect the 1.9.x versions. 13) An error related to forms can be exploited to manipulate certain constant form values. 14) An error within message/refresh.php can be exploited to cause a DoS by providing a zero value for the "wait" parameter. NOTE: Additionally certain database functions were hardened to prevent SQL injection attacks. This vulnerability does not affect the 2.x versions. SOLUTION: Update to version 1.9.14, 2.0.5, or 2.1.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1, 4, 10, 11, 12) Petr ?koda 2) Tatsuya Shirai 3, 13) David Mudrak 5) Rossiani Wijaya 6) Aaron Barnes 7) Colin Campbell 8) Alex Willen 9) Ralf Hilgenstock 14) Xavier Paz ORIGINAL ADVISORY: Moodle (MSA-11-0027, MSA-11-0028, MSA-11-0029, MSA-11-0030, MSA-11-0031, MSA-11-0032, MSA-11-0033, MSA-11-0034, MSA-11-0035, MSA-11-0036, MSA-11-0037, MSA-11-0038, MSA-11-0039, MSA-11-0040, MSA-11-0041): http://moodle.org/mod/forum/discuss.php?d=188309 http://moodle.org/mod/forum/discuss.php?d=188310 http://moodle.org/mod/forum/discuss.php?d=188311 http://moodle.org/mod/forum/discuss.php?d=188312 http://moodle.org/mod/forum/discuss.php?d=188313 http://moodle.org/mod/forum/discuss.php?d=188314 http://moodle.org/mod/forum/discuss.php?d=188315 http://moodle.org/mod/forum/discuss.php?d=188316 http://moodle.org/mod/forum/discuss.php?d=188317 http://moodle.org/mod/forum/discuss.php?d=188318 http://moodle.org/mod/forum/discuss.php?d=188319 http://moodle.org/mod/forum/discuss.php?d=188320 http://moodle.org/mod/forum/discuss.php?d=188321 http://moodle.org/mod/forum/discuss.php?d=188322 http://moodle.org/mod/forum/discuss.php?d=188323 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 21:51:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 06:51:56 +0200 Subject: [SEC] [SA46495] Ubuntu update for xorg-server Message-ID: <201110200451.p9K4puVx013390@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for xorg-server SECUNIA ADVISORY ID: SA46495 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46495/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46495 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46495/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46495/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46495 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for xorg-server. This fixes a weakness and a security issue, which can be exploited by malicious, local users to disclose system and sensitive information and cause a DoS (Denial of Service). For more information: SA46460 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1232-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001447.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 19 22:16:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 07:16:15 +0200 Subject: [SEC] [SA46525] Oracle Waveset User Administration Vulnerability Message-ID: <201110200516.p9K5GFk9003857@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Waveset User Administration Vulnerability SECUNIA ADVISORY ID: SA46525 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46525/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46525 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46525/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46525/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46525 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Oracle Waveset, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error within the User Administration component. The vulnerability is reported in Oracle Waveset 8.1.0 and 8.1.1. SOLUTION: Apply updates (see vendor's advisory for additional details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html#AppendixSUNS OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 10:39:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 19:39:07 +0200 Subject: [SEC] [SA46440] wizmall "BID" and "UID" SQL Injection Vulnerabilities Message-ID: <201110201739.p9KHd7rA026505@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: wizmall "BID" and "UID" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46440 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46440/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46440 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46440/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46440/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46440 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in wizmall, which can be exploited by malicious people to conduct SQL injection attacks. 1) Input passed to the "BID" parameter in wizboard/skin/sandle_photo/print.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed to the "UID" parameter in wizboard/download.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 6.4.3. Prior versions may also be affected. SOLUTION: Update to version 6.4.5. PROVIDED AND/OR DISCOVERED BY: Lee ChangHan. Additional details for vulnerability #2 provided by an anonymous person. OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 11:56:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 20:56:46 +0200 Subject: [SEC] [SA46537] Fedora update for tomcat6 Message-ID: <201110201856.p9KIukin019683@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for tomcat6 SECUNIA ADVISORY ID: SA46537 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46537/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46537 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46537/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46537/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46537 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for tomcat6. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to disclose sensitive information, bypass certain security restrictions, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, bypass certain security restrictions, conduct cross-site scripting attacks, and cause a DoS (Denial of Service). For more information: SA43194 SA44981 SA45232 SA45748 SOLUTION: Apply updated packages via the yum utility ("yum update tomcat6"). ORIGINAL ADVISORY: FEDORA-2011-13457: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068453.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 12:38:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 21:38:43 +0200 Subject: [SEC] [SA46469] IBM WebSphere Application Server for z/OS JAX-WS Applications Unspecified Vulnerability Message-ID: <201110201938.p9KJchEd011064@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM WebSphere Application Server for z/OS JAX-WS Applications Unspecified Vulnerability SECUNIA ADVISORY ID: SA46469 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46469/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46469 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46469/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46469/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46469 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with an unknown impact has been reported in IBM WebSphere Application Server for z/OS. The vulnerability is caused due to an unspecified error in a WS-Security policy enabled Java API for XML Web Services (JAX-WS) application. No further information is currently available. SOLUTION: Apply APAR PM43792. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (PM43792): http://www-01.ibm.com/support/docview.wss?uid=swg1PM50205 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 13:39:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 22:39:09 +0200 Subject: [SEC] [SA46538] Fedora update for java-1.6.0-openjdk Message-ID: <201110202039.p9KKd9BC003386@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for java-1.6.0-openjdk SECUNIA ADVISORY ID: SA46538 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46538/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46538 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46538/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46538/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46538 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for java-1.6.0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA46512 SOLUTION: Apply updated packages via the yum utility ("yum update java-1.6.0-openjdk"). ORIGINAL ADVISORY: FEDORA-2011-14638: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068450.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 14:36:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 20 Oct 2011 23:36:13 +0200 Subject: [SEC] [SA46497] Honeywell EBI Temaline Remote Installer ActiveX Control "DownloadURL()" Insecure Method Message-ID: <201110202136.p9KLaDIP027939@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Honeywell EBI Temaline Remote Installer ActiveX Control "DownloadURL()" Insecure Method SECUNIA ADVISORY ID: SA46497 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46497/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46497 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46497/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46497/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46497 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Honeywell EBI Temaline, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the Remote Installer ActiveX control providing the insecure "DownloadURL()" method. This can be exploited to download and execute arbitrary programs by tricking a user into visiting a malicious website. The vulnerability is reported in the following products: * EBI R310.1 - TEMA 4.8 * EBI R310.1 - TEMA 4.9 * EBI R310.1 - TEMA 4.10 * EBI R400.2 SP1 - TEMA 5.2 * EBI R410.1 - TEMA 5.3.0 * EBI R410.2 - TEMA 5.3.1 SOLUTION: Apply patches (please contact the vendor for more information). PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Billy Rios and Terry McCorkle. ORIGINAL ADVISORY: US-CERT: http://www.us-cert.gov/control_systems/pdf/ICSA-11-285-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 15:10:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 00:10:53 +0200 Subject: [SEC] [SA46533] CiscoWorks Common Services Home Page Component Command Injection Vulnerability Message-ID: <201110202210.p9KMAroX018944@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: CiscoWorks Common Services Home Page Component Command Injection Vulnerability SECUNIA ADVISORY ID: SA46533 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46533/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46533 RELEASE DATE: 2011-10-20 DISCUSS ADVISORY: http://secunia.com/advisories/46533/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46533/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46533 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability have been reported in CiscoWorks Common Services, which can be exploited by malicious users to compromise a vulnerable system. Certain unspecified input passed via the URL to the CiscoWorks Home Page component is not properly sanitised before being used. This can be exploited to inject and execute arbitrary shell commands. Note: This only affects CiscoWorks Common Services running on Windows. Please see the vendor's advisory for a list of affected products and versions. SOLUTION: Update to a fixed version (please see vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: The vendor credits Noam Rathaus, Beyond Security. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-cs OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 15:52:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 00:52:31 +0200 Subject: [SEC] [SA45311] KaiBB Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201110202252.p9KMqV91010286@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: KaiBB Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA45311 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45311/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45311 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/45311/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45311/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45311 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Secunia Research has discovered multiple vulnerabilities in KaiBB, which can be exploited by malicious users to conduct SQL injection attacks and by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "Referer" HTTP header to index.php and acp/index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of this vulnerability requires that the victim uses a browser that does not URL-encode the request (e.g. Internet Explorer 6). 2) Input passed via the "checkbox" POST parameter to index.php (when "s" is set to "viewtopic" and "delete_posts" and "confirmed" are set) is not properly sanitised in core/topic.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires a moderator account. 3) Input passed via the "checkbox" POST parameter to index.php (when "s" is set to "mail") is not properly sanitised in core/mail.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of vulnerabilities #2 and #3 requires that "magic_quotes_gpc" is disabled. 4) Input passed via the "attachment" parameter when uploading a file through a webform is not properly sanitised in inc/function.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires permissions to upload files. The vulnerabilities are confirmed in version 2.0.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Morten Bartvig, Secunia. ORIGINAL ADVISORY: Secunia Research: http://secunia.com/secunia_research/2011-73/ http://secunia.com/secunia_research/2011-74/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 16:16:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 01:16:59 +0200 Subject: [SEC] [SA46484] wizmall Two File Disclosure Vulnerabilities Message-ID: <201110202316.p9KNGxx7000730@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: wizmall Two File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA46484 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46484/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46484 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46484/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46484/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46484 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in wizmall, which can be exploited by malicious people to disclose potentially sensitive information. 1) Input passed to the "folder" parameter in lib/img.php is not properly verified before being used to display files. This can be exploited to display arbitrary files from local resources. 2) Input passed to the "UID" and "filename" parameters in wizboard/download.php is not properly verified before being used to download files. This can be exploited to download arbitrary files from local resources. The vulnerabilities are confirmed in version 6.4.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Lee ChangHan OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 16:52:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 01:52:14 +0200 Subject: [SEC] [SA46480] Red Hat update for krb5 Message-ID: <201110202352.p9KNqEoO024234@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for krb5 SECUNIA ADVISORY ID: SA46480 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46480/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46480 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46480/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46480/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46480 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for krb5. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46494 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1379-01: https://rhn.redhat.com/errata/RHSA-2011-1379.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 17:20:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 02:20:51 +0200 Subject: [SEC] [SA46462] Splunk Cross-Site Scripting and Denial of Service Vulnerabilities Message-ID: <201110210020.p9L0KpV0014939@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Splunk Cross-Site Scripting and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46462 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46462/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46462 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46462/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46462/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46462 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Filip Palian has reported two vulnerabilities in Splunk, which can be exploited by malicious people to conduct cross-site scripting attacks and cause a DoS (Denial of Service). 1) Input passed via the "segment" parameter to prototype/segmentation_performance in the Splunk Web component is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) A boundary error within prototype/segmentation_performance in the Splunk Web component can be exploited to exhaust system resources and render the service inaccessible. The vulnerabilities are reported in versions 4.0 through 4.2.3. SOLUTION: Update to version 4.2.4. PROVIDED AND/OR DISCOVERED BY: Filip Palian ORIGINAL ADVISORY: Splunk: http://www.splunk.com/view/SP-CAAAGGH Filip Palian: http://archives.neohapsis.com/archives/fulldisclosure/2011-10/0725.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 17:53:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 02:53:01 +0200 Subject: [SEC] [SA46490] Red Hat update for java-1.6.0-sun Message-ID: <201110210053.p9L0r1xM005806@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for java-1.6.0-sun SECUNIA ADVISORY ID: SA46490 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46490/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46490 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46490/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46490/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46490 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for java-1.6.0-sun. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA46512 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1384-01: https://rhn.redhat.com/errata/RHSA-2011-1384.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 18:17:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 03:17:43 +0200 Subject: [SEC] [SA46485] Simple PHP Forum Script "id" SQL Injection Vulnerability Message-ID: <201110210117.p9L1HhPR028714@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Simple PHP Forum Script "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46485 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46485/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46485 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46485/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46485/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46485 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Simple PHP Forum Script, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to index.php (when "show" is set to "cat") is not properly sanitised in discussion.php before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Skraps OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 18:56:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 03:56:16 +0200 Subject: [SEC] [SA46532] HP MFP Digital Sending Software Workflow Metadata Information Disclosure Weakness Message-ID: <201110210156.p9L1uGb2019913@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: HP MFP Digital Sending Software Workflow Metadata Information Disclosure Weakness SECUNIA ADVISORY ID: SA46532 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46532/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46532 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46532/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46532/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46532 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in HP MFP Digital Sending Software, which can be exploited by malicious people with local access to disclose potentially sensitive information. The weakness is caused due to an unspecified error and can be exploited to disclose personal information contained in workflow metadata to unintended recipients. The weakness is reported in version 4.91.21 and prior 4.9x versions running on Windows. SOLUTION: Update to version 4.20. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBPI02711 SSRT100647: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03052686 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 19:27:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 04:27:40 +0200 Subject: [SEC] [SA46465] Cisco Show and Share Security Bypass Security Issue and File Upload Vulnerability Message-ID: <201110210227.p9L2ReNq011208@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Show and Share Security Bypass Security Issue and File Upload Vulnerability SECUNIA ADVISORY ID: SA46465 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46465/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46465 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46465/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46465/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46465 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue and a vulnerability have been reported in Cisco Show and Share, which can be exploited by malicious users to compromise a vulnerable system and by malicious people to bypass certain security restrictions. 1) An error due to the application not verifying credentials for certain administrative pages can be exploited to gain access to the Encoders and Pull Configurations, Push Configurations, Video Encoding Formats, and Transcoding pages. 2) An error due to the application not verifying uploaded files can be exploited to execute arbitrary code with the privileges of the web server. Successful exploitation of this vulnerability requires the privileges to upload videos. The security issue and vulnerability are reported in versions 5.2, 5.2.1, and 5.2.2. SOLUTION: Update to version 5.2.2.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Andy Yang and Mehdi Kiani, stratsec. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111019-sns OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 19:50:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 04:50:51 +0200 Subject: [SEC] [SA46472] Gentoo update for tor Message-ID: <201110210250.p9L2opKc001573@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for tor SECUNIA ADVISORY ID: SA46472 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46472/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46472 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46472/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46472/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46472 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for tor. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information and by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. For more information: SA42907 SA43548 SOLUTION: Update to version "net-misc/tor-0.2.1.30" or later. ORIGINAL ADVISORY: GLSA 201110-13: http://www.gentoo.org/security/en/glsa/glsa-201110-13.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 20:18:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 05:18:27 +0200 Subject: [SEC] [SA46479] SUSE update for gimp Message-ID: <201110210318.p9L3IR9B024690@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for gimp SECUNIA ADVISORY ID: SA46479 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46479/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46479 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46479/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46479/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46479 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for gimp. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system. For more information: SA45621 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1152-1: https://hermes.opensuse.org/messages/12119696 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 20:52:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 05:52:57 +0200 Subject: [SEC] [SA46475] Fedora update for quagga Message-ID: <201110210352.p9L3qvY8015681@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for quagga SECUNIA ADVISORY ID: SA46475 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46475/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46475 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46475/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46475/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46475 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for quagga. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46139 SOLUTION: Apply updated packages via the yum utility ("yum update quagga"). ORIGINAL ADVISORY: FEDORA-2011-13499: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068207.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 21:18:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 06:18:11 +0200 Subject: [SEC] [SA46494] Kerberos KDC Multiple Denial of Service Vulnerabilities Message-ID: <201110210418.p9L4IB9i006194@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Kerberos KDC Multiple Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46494 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46494/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46494 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46494/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46494/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46494 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Kerberos, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) A NULL-pointer dereference error in the "krb5_ldap_get_principal()" function can be exploited to crash the KDC daemon. Successful exploitation of this vulnerability requires KDC to be configured to use a LDAP back end (not a default configuration). This vulnerability is reported in krb5-1.9 and later only. 2) An assertion error in the "krb5_ldap_lockout_audit()" and "krb5_db2_lockout_audit()" functions can be exploited to crash the KDC daemon. 3) A NULL-pointer dereference error in the "lookup_lockout_policy()" function can be exploited to crash the KDC daemon. Vulnerabilities #2 and #3 are reported in krb5-1.8 and later. SOLUTION: Apply patches (fixes are scheduled for the upcoming release of krb5-1.8.x and krb5-1.9.x). Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Nalin Dahyabhai and Andrej Ota. 1) Independently reported by Kyle Moffett in a Debian bug report. 2) Reported by Mark Deneen in a Ubuntu bug report. 3) Reported by the vendor. ORIGINAL ADVISORY: MITKRB5-SA-2011-006: http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2011-006.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 21:54:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 06:54:08 +0200 Subject: [SEC] [SA46511] Sun Ray Server Software Authentication Unspecified Vulnerability Message-ID: <201110210454.p9L4s8wg029666@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Sun Ray Server Software Authentication Unspecified Vulnerability SECUNIA ADVISORY ID: SA46511 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46511/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46511 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46511/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46511/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46511 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Sun Ray Server Software, which can be exploited by malicious people to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error within the Authentication component. No further information is currently available. The vulnerability is reported in version 4.0. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 20 22:17:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 07:17:36 +0200 Subject: [SEC] [SA46476] Fedora update for ldns Message-ID: <201110210517.p9L5HaSn020118@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for ldns SECUNIA ADVISORY ID: SA46476 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46476/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46476 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46476/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46476/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46476 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for ldns. This fixes a vulnerability, which can be exploited by malicious users to compromise an application using the library. For more information: SA46153 SOLUTION: Apply updated packages via the yum utility ("yum update ldns"). ORIGINAL ADVISORY: FEDORA-2011-13915: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068201.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 10:38:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 19:38:02 +0200 Subject: [SEC] [SA46543] Red Hat update for kernel Message-ID: <201110211738.p9LHc20a014572@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for kernel SECUNIA ADVISORY ID: SA46543 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46543/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46543 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46543/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46543/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46543 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for the kernel. This fixes two weaknesses and multiple vulnerabilities, which can be exploited by malicious, local users to disclose potentially sensitive information, conduct session hijacking attacks, and cause a DoS (Denial of Service), by malicious, local users in a guest virtual machine to cause a DoS, and by malicious people to cause a DoS. For more information: SA41493 SA43576 SA44094 SA44754 SA45193 SA45328 SA45420 SA45622 SA45695 1) A boundary error when handling string descriptors during new device probes in the "auerswald_probe()" function (drivers/usb/misc/auerswald.c) can be exploited to cause a buffer overflow by inserting a malicious USB device. SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) R. Dominguez Vega, MWR InfoSecurity. ORIGINAL ADVISORY: RHSA-2011:1386-01: https://rhn.redhat.com/errata/RHSA-2011-1386.html MWR InfoSecurity: http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 11:37:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 20:37:56 +0200 Subject: [SEC] [SA46514] Elgg pg/search SQL Injection Vulnerability Message-ID: <201110211837.p9LIbuVB006855@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Elgg pg/search SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46514 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46514/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46514 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46514/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46514/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46514 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Elgg, which can be exploited by malicious people to conduct SQL injection attacks. Input passed e.g. via the "limit" parameter to pg/search is not properly sanitised in mod/search/search_hooks.php before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in the versions 1.7.0 through 1.7.13. SOLUTION: Update to version 1.7.14. PROVIDED AND/OR DISCOVERED BY: The vendor credits Jeroen Dalsem, Coldtrick IT Solutions. ORIGINAL ADVISORY: Elgg: http://blog.elgg.org/pg/blog/brett/read/199/elgg-1714-released https://github.com/Elgg/Elgg/commit/368d7942a9bc21f5123828a7ba6f3ed2e6fd4efd OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 12:39:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 21:39:56 +0200 Subject: [SEC] [SA46557] Network Security Services Insecure Library Loading Vulnerability Message-ID: <201110211939.p9LJduBv031659@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Network Security Services Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA46557 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46557/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46557 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46557/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46557/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46557 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Network Security Services (NSS), which can be exploited by malicious people to compromise an application using the library. The vulnerability is caused due to the "NSS_NoDB_Init()" function incorrectly constructing a file path for the "pkcs11.txt" configuration file. This can be exploited to load arbitrary security modules via the "library" directive when a configuration file is loaded from a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. SOLUTION: Fixed in the CVS repository. PROVIDED AND/OR DISCOVERED BY: Reported by hclam in a bug report. ORIGINAL ADVISORY: https://bugzilla.mozilla.org/show_bug.cgi?id=641052 http://code.google.com/p/chromium/issues/detail?id=97426#c8 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 13:37:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 22:37:44 +0200 Subject: [SEC] [SA46471] Google Chrome NSS Insecure Library Loading Vulnerability Message-ID: <201110212037.p9LKbiY0023830@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Google Chrome NSS Insecure Library Loading Vulnerability SECUNIA ADVISORY ID: SA46471 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46471/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46471 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46471/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46471/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46471 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Google Chrome, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application bundling a vulnerable version of the NSS library. For more information: SA46557 The vulnerability is reported in version 14.0.835.186. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Luka Treiber, ACROS Security ORIGINAL ADVISORY: Google: http://code.google.com/p/chromium/issues/detail?id=97426 ACROS Security: http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 14:31:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 23:31:19 +0200 Subject: [SEC] [SA46510] GNOME Empathy Nickname Script Insertion Vulnerability Message-ID: <201110212131.p9LLVJCm015805@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: GNOME Empathy Nickname Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46510 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46510/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46510 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46510/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46510/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46510 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in GNOME Empathy, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the nickname is not properly sanitised within the Adium theme before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's IM session in context of the user's chat room when malicious data is displayed. The vulnerability is reported in version 3.2.1. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Reported by J?r?my in a bug report. ORIGINAL ADVISORY: https://bugzilla.gnome.org/show_bug.cgi?id=662035 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 14:53:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 21 Oct 2011 23:53:31 +0200 Subject: [SEC] [SA46539] Ubuntu update for linux Message-ID: <201110212153.p9LLrVNU006160@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA46539 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46539/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46539 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46539/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46539/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46539 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes some weaknesses and a vulnerability, which can be exploited by malicious people with physical access to compromise a vulnerable system and by malicious people to cause a DoS (Denial of Service). 1) A boundary error when handling string descriptors during new device probes in the "auerswald_probe()" function (drivers/usb/misc/auerswald.c) can be exploited to cause a buffer overflow by inserting a malicious USB device. Successful exploitation of this vulnerability may allow the execution of arbitrary code. 2) An error within the "sctp_make_init()" and "sctp_make_init_ack()" functions when calculating the INIT/INIT-ACK chunk length can be exploited to cause a kernel oops by sending specially crafted SCTP packets. Successful exploitation of this weakness requires that "net.sctp.addip_enable" is enabled. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) R. Dominguez Vega, MWR InfoSecurity. 2) George Cheimonidis in a bug report. ORIGINAL ADVISORY: USN-1236-1: http://www.ubuntu.com/usn/usn-1236-1/ MWR InfoSecurity: http://labs.mwrinfosecurity.com/files/Advisories/mwri_linux-usb-buffer-overflow_2009-10-29.pdf linux GIT: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=a8170c35e738d62e9919ce5b109cf4ed66e95bde OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 15:16:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 00:16:43 +0200 Subject: [SEC] [SA46312] WHMCompleteSolution "templatefile" Local File Inclusion Vulnerability Message-ID: <201110212216.p9LMGhM6028992@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WHMCompleteSolution "templatefile" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA46312 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46312/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46312 RELEASE DATE: 2011-10-21 DISCUSS ADVISORY: http://secunia.com/advisories/46312/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46312/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46312 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in WHMCompleteSolution, which can be exploited by malicious people to disclose potentially sensitive information. Input passed to the "templatefile" parameter in cart.php (when "a" is set to e.g. "test") is not properly verified before being used to include files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks and URL-encoded NULL bytes. SOLUTION: Apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Lagripe-Dz ORIGINAL ADVISORY: Lagripe-Dz: http://www.exploit-db.com/exploits/17999/ WHMCompleteSolution Patch Announcement: http://forum.whmcs.com/showthread.php?t=42121 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 15:53:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 00:53:18 +0200 Subject: [SEC] [SA46535] Ubuntu update for open-iscsi Message-ID: <201110212253.p9LMrI9J020088@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for open-iscsi SECUNIA ADVISORY ID: SA46535 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46535/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46535 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46535/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46535/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46535 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for open-iscsi. This fixes a security issue, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The security issue is caused due to the iscsi_discovery shell script using temporary files in an insecure manner, which can be exploited to e.g. overwrite arbitrary files via symlink attacks. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Colin Watson within a Ubuntu bug report. ORIGINAL ADVISORY: USN-1235-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001453.html Ubuntu Bug#408915: https://bugs.launchpad.net/ubuntu/+source/open-iscsi/+bug/408915 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 16:17:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 01:17:21 +0200 Subject: [SEC] [SA46482] Debian update for wireshark Message-ID: <201110212317.p9LNHL5E010562@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for wireshark SECUNIA ADVISORY ID: SA46482 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46482/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46482 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46482/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46482/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46482 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for wireshark. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system. For more information see vulnerability #2 in: SA45927 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2324-1: http://www.debian.org/security/2011/dsa-2324 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 16:52:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 01:52:32 +0200 Subject: [SEC] [SA46542] Red Hat update for httpd Message-ID: <201110212352.p9LNqWiO001545@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for httpd SECUNIA ADVISORY ID: SA46542 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46542/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46542 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46542/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46542/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46542 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for httpd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). For more information: SA46013 SA46288 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1391-01: https://rhn.redhat.com/errata/RHSA-2011-1391.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 17:21:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 02:21:13 +0200 Subject: [SEC] [SA46534] Schneider Electric Products UnitelWay Device Driver Privilege Escalation Vulnerability Message-ID: <201110220021.p9M0LDWV024718@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Schneider Electric Products UnitelWay Device Driver Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA46534 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46534/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46534 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46534/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46534/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46534 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple Schneider Electric products, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error in the UnitelWay device driver when handling certain input and can be exploited to cause a buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in the following products: * Vijeo Citect version 7.20 and prior. * OPC Factory Server version 3.34. * Telemecanique Driver Pack version 2.6 and prior. * Unity Pro version 6.0 and prior. * Monitor version 7.6 and prior. * PL7 Pro version 4.5 SP5 and prior. SOLUTION: Apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: ICS-CERT credits Kuang-Chun Hung, Security Research and Service Institute - Information and Communication Security Technology Center (ICST). ORIGINAL ADVISORY: Schneider Electric: http://www.scada.schneider-electric.com/sites/scada/en/login/vijeo-citect-unitelway-windows-device-driver.page ICS-CERT (ICSA-11-277-01): http://www.us-cert.gov/control_systems/pdf/ICSA-11-277-01.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 17:55:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 02:55:51 +0200 Subject: [SEC] [SA46545] Pre Studio Business Cards Designer "id" SQL Injection Vulnerability Message-ID: <201110220055.p9M0tpNO015719@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Pre Studio Business Cards Designer "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46545 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46545/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46545 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46545/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46545/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46545 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Pre Studio Business Cards Designer, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to prestudio/page.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: dr_zig ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18009/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 18:17:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 03:17:20 +0200 Subject: [SEC] [SA46474] Check Point Products ByteRange Filter Denial of Service Vulnerability Message-ID: <201110220117.p9M1HKon006032@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Check Point Products ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46474 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46474/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46474 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46474/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46474/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46474 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Check Point has acknowledged a vulnerability in multiple Check Point products, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 Please see the vendor's advisory for a list of affected products and versions. SOLUTION: Apply hotfix (please see the vendor's advisory for details). ORIGINAL ADVISORY: https://supportcenter.checkpoint.com/supportcenter/portal?solutionid=sk65222 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 18:52:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 03:52:01 +0200 Subject: [SEC] [SA46470] SUSE update for ldns Message-ID: <201110220152.p9M1q1fu029460@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for ldns SECUNIA ADVISORY ID: SA46470 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46470/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46470 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46470/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46470/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46470 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for ldns. This fixes a vulnerability, which can be exploited by malicious people to compromise an application using the library. For more information: SA46153 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1161-1: http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00008.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 19:26:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 04:26:44 +0200 Subject: [SEC] [SA46486] Check Point UTM-1 Edge / Safe@Office WebUI Multiple Vulnerabilities Message-ID: <201110220226.p9M2QiEh020955@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Check Point UTM-1 Edge / Safe at Office WebUI Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46486 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46486/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46486 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46486/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46486/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46486 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Check Point UTM-1 Edge and Safe at Office, which can be exploited by malicious people to conduct cross-site scripting, request forgery, and spoofing attacks and disclose sensitive information. 1) Certain unspecified input passed to the WebUI is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The WebUI allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to perform certain unspecified actions if a user visits a specially crafted web page. 3) Certain unspecified input passed to the WebUI is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain. 4) An unspecified error in the WebUI can be exploited to disclose certain sensitive information. The vulnerabilities are reported in versions prior to 8.2.44. SOLUTION: Update to version 8.2.44. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Richard Brain, ProCheckUp. ORIGINAL ADVISORY: Checkpoint (sk65460): https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solutionid=sk65460 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 19:52:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 04:52:04 +0200 Subject: [SEC] [SA46540] Ubuntu update for acpid Message-ID: <201110220252.p9M2q4qx011475@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for acpid SECUNIA ADVISORY ID: SA46540 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46540/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46540 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46540/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46540/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46540 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for acpid. This fixes a security issue, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA42947 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1234-1: http://www.ubuntu.com/usn/usn-1234-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 20:17:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 05:17:16 +0200 Subject: [SEC] [SA46459] Joomla! Multiple NoNumber Extensions Local File Inclusion and PHP Code Execution Message-ID: <201110220317.p9M3HGc9001950@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! Multiple NoNumber Extensions Local File Inclusion and PHP Code Execution SECUNIA ADVISORY ID: SA46459 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46459/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46459 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46459/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46459/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46459 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in multiple NoNumber extensions for Joomla!, which can be exploited by malicious people to disclose sensitive information and compromise a vulnerable system. 1) Input passed via the "file" parameter to index.php (when "nn_qp" is set) is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal sequences and URL-encoded NULL bytes. 2) Input passed via the "url_options[]" POST parameter to index.php (when "nn_qp" and "url" are set) is not properly sanitised before being passed to the "curl_setopt_array()" function. This can be exploited to create cookie files with arbitrary PHP content in the webroot. The vulnerabilities are reported in the following extensions and versions: * Add to Menu, versions prior to 1.8.1. * AdminBar Docker, versions prior to 1.6.1. * Advanced Module Manager, versions prior to 2.2.3. * Articles Anywhere, versions prior to 1.13.1. * Better Preview, versions prior to 1.10.1. * Cache Cleaner, versions prior to 1.11.1. * CDN, versions prior to 1.6.1. * Content Templater, versions prior to 1.14.1. * CustoMenu, versions prior to 2.8.1. * DB Replacer, versions prior to 1.3.2. * Modalizer, versions prior to 3.6.1. * Modules Anywhere, versions prior to 1.13.1. * NoNumber! Extension Manager, versions prior to 2.6.2. * ReReplacer, versions prior to 2.17.2. * Slider, versions prior to 1.7.1. * Snippets, versions prior to 1.2.1. * Sourcerer, versions prior to 2.11.1. * Tabber, versions prior to 1.7.1. * Timed Styles, versions prior to 1.4.1. * Tooltips, versions prior to 1.1.1. * What? Nothing!, versions prior to 6.2.1. SOLUTION: Update to the respective latest version. PROVIDED AND/OR DISCOVERED BY: jdc ORIGINAL ADVISORY: NoNumber: http://feeds.feedburner.com/nonumber/news Joomla!: http://docs.joomla.org/Vulnerable_Extensions_List#NoNumber_Framework OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 20:52:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 05:52:08 +0200 Subject: [SEC] [SA46460] X.Org xserver File Locking Weakness and Security Issue Message-ID: <201110220352.p9M3q88J025425@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: X.Org xserver File Locking Weakness and Security Issue SECUNIA ADVISORY ID: SA46460 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46460/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46460 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46460/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46460/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46460 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness and a security issue have been reported in X.Org xserver, which can be exploited by malicious, local users to disclose system and sensitive information and cause a DoS (Denial of Service). 1) The weakness is caused due to the "LockServer()" function (os/utils.c) behaving differently when trying to create the lock file and the lock file already exists as a symlink, depending on whether or not the symlink points to an existing or non-existing file. 2) The security issue is caused due to a race condition within the "LockServer()" function (os/utils.c) when setting the permissions of the lock file, which can be exploited to change the permissions of arbitrary files to mode 444 via symlink attacks. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits vladz. ORIGINAL ADVISORY: http://lists.freedesktop.org/archives/xorg/2011-October/053680.html http://cgit.freedesktop.org/xorg/xserver/commit/?id=6ba44b91e37622ef8c146d8f2ac92d708a18ed34 http://cgit.freedesktop.org/xorg/xserver/commit/?id=b67581cf825940fdf52bf2e0af4330e695d724a4 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 21:17:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 06:17:44 +0200 Subject: [SEC] [SA46508] Oracle Remote Data Capture RDC Help Data Manipulation Vulnerability Message-ID: <201110220417.p9M4Hib8015967@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Remote Data Capture RDC Help Data Manipulation Vulnerability SECUNIA ADVISORY ID: SA46508 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46508/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46508 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46508/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46508/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46508 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Remote Data Capture, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to an unspecified error in the RDC Help component. No further information is currently available. The vulnerability is reported in versions 4.6 and 4.6.2. SOLUTION: Apply fix (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 21:53:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 06:53:07 +0200 Subject: [SEC] [SA46502] Oracle Database Multiple Vulnerabilities Message-ID: <201110220453.p9M4r7Nu006999@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Database Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46502 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46502/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46502 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46502/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46502/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46502 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle Database, which can be exploited by malicious users to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, conduct SQL injection attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) An unspecified error in the Application Express component can be exploited by authenticated users. Successful exploitation of this vulnerability may allow execution of arbitrary code, but requires APEX developer user privileges. 2) Certain input passed via spatial indexes to the Core RDBMS is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires Create session, create procedure, and create table privileges. 3) An error within the TABLEFUNC_ASOWN function in the Oracle Text component can be exploited by authenticated users to cause a buffer overflow via overly long string parameters. Successful exploitation of this vulnerability requires Execute on CTXSYS.DRVDISP privileges. 4) An error within the OCIPasswordChange API in the Database Vault component can be exploited to change a user's password. Successful exploitation of this vulnerability requires DV_ACCTMGR privileges. 5) An error within the OCIPasswordChange API in the Database Vault component can be exploited to change a user's password. Successful exploitation of this vulnerability requires SYSDBA privileges. The vulnerabilities are reported in the following products: * Oracle Database 11g Release 2 version 11.2.0.2. * Oracle Database 11g Release 1 version 11.1.0.7. * Oracle Database 10g Release 2 versions 10.2.0.3, 10.2.0.4, and 10.2.0.5. * Oracle Database 10g Release 1 version 10.1.0.5. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 2) Martin Rakhmanov, Application Security Inc. 3, 4, 5) Esteban Martinez Fayo, Application Security Inc. It is currently unclear who reported the remaining vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html Application Security: http://www.teamshatter.com/topics/general/team-shatter-exclusive/sql-injection-vulnerability-in-oracle-drop-index-for-spatial-datatypes/ http://www.teamshatter.com/topics/general/team-shatter-exclusive/database-vault-account-management-vulnerabilites/ http://www.teamshatter.com/topics/general/team-shatter-exclusive/buffer-overflow-in-oracle-database-ctxsys-drvdisp-tablefunc_asown-function/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 21 22:16:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 07:16:19 +0200 Subject: [SEC] [SA46515] Oracle PeopleSoft PeopleTools Two Vulnerabilities Message-ID: <201110220516.p9M5GJmR029842@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle PeopleSoft PeopleTools Two Vulnerabilities SECUNIA ADVISORY ID: SA46515 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46515/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46515 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46515/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46515/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46515 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Oracle PeopleSoft PeopleTools, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data. 1) An unspecified error within the Security component can be exploited to disclose and manipulate certain data. 2) An unspecified error within the Personalization component can be exploited to manipulate certain data. The vulnerabilities are reported in versions 8.49, 8.50, and 8.51. SOLUTION: Apply fix (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 10:37:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 19:37:22 +0200 Subject: [SEC] [SA46457] Dolphin "eval()" PHP Code Execution Vulnerability Message-ID: <201110221737.p9MHbMsc024349@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Dolphin "eval()" PHP Code Execution Vulnerability SECUNIA ADVISORY ID: SA46457 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46457/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46457 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46457/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46457/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46457 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Dolphin, which can be exploited by malicious users to compromise a vulnerable system. Input passed via the "bubbles" parameter to member_menu_queries.php (when "action" is set to "get_bubbles_values") is not properly sanitised before being used in an "eval()" call. This can be exploited to execute arbitrary PHP code. The vulnerability is confirmed in version 7.0.7. Other versions may also be affected. SOLUTION: Fixed in version 7.0.8 beta 1. PROVIDED AND/OR DISCOVERED BY: EgiX OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 11:41:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 20:41:22 +0200 Subject: [SEC] [SA46504] Oracle E-Business Suite Multiple Vulnerabilities Message-ID: <201110221841.p9MIfMWC016844@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle E-Business Suite Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46504 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46504/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46504 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46504/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46504/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46504 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle E-Business Suite, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data and by malicious people to manipulate certain data. 1) An unspecified error in the HTML Pages component can be exploited to manipulate Oracle Application Object Library accessible data. 2) An unspecified error in the Online Help component can be exploited to manipulate Oracle Application Object Library accessible data. 3) An unspecified error in the Single Sign On component can be exploited to manipulate Oracle Application Object Library accessible data. 4) An unspecified error in the Attachments / File Upload component can be exploited by authenticated users to manipulate Oracle Application Object Library accessible data. 5) An unspecified error in the REST Services component can be exploited by authenticated users to disclose Oracle Applications Framework accessible data. The vulnerabilities are reported in the following products: * Oracle E-Business Suite Release 12 versions 12.0.6, 12.1.2, and 12.1.3. * Oracle E-Business Suite Release 11i version 11.5.10.2. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 12:36:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 21:36:16 +0200 Subject: [SEC] [SA46518] Oracle Outside In Technology Denial of Service Weakness Message-ID: <201110221936.p9MJaGRj008877@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Outside In Technology Denial of Service Weakness SECUNIA ADVISORY ID: SA46518 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46518/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46518 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46518/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46518/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46518 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Oracle Outside In Technology, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The weakness is caused due to an unspecified error in the Outside In Filters component and can be exploited to cause a DoS within the Outside In Technology component. The weakness is reported in versions 8.3.5 and 8.3.7. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this weakness as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 13:36:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 22:36:38 +0200 Subject: [SEC] [SA46513] Oracle Thesaurus Management System TMS Help Data Manipulation Vulnerability Message-ID: <201110222036.p9MKacRn001146@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Thesaurus Management System TMS Help Data Manipulation Vulnerability SECUNIA ADVISORY ID: SA46513 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46513/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46513 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46513/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46513/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46513 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Thesaurus Management System, which can be exploited by malicious people to manipulate certain data. The vulnerability is caused due to an unspecified error in the TMS Help component. No further information is currently available. The vulnerability is reported in versions 4.6.1 and 4.6.2. SOLUTION: Apply fix (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported the vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 14:31:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 23:31:07 +0200 Subject: [SEC] [SA46478] Fedora update for awstats Message-ID: <201110222131.p9MLV7PD025610@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for awstats SECUNIA ADVISORY ID: SA46478 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46478/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46478 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46478/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46478/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46478 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for awstats. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA46160 SOLUTION: Apply updated packages via the yum utility ("yum update awstats"). ORIGINAL ADVISORY: FEDORA-2011-14025: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068184.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 14:52:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 22 Oct 2011 23:52:00 +0200 Subject: [SEC] [SA46506] Oracle Siebel CRM Three Vulnerabilities Message-ID: <201110222152.p9MLq0vk015920@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Siebel CRM Three Vulnerabilities SECUNIA ADVISORY ID: SA46506 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46506/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46506 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46506/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46506/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46506 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Three vulnerabilities have been reported in Oracle Siebel CRM, which can be exploited by malicious users and malicious people to disclose potentially sensitive information and manipulate certain data. 1) An unspecified error in the User Interface subcomponent of the UIF Client component can be exploited by authenticated users to disclose and manipulate certain data. 2) An unspecified error in the Email Marketing subcomponent of the Marketing component can be exploited to manipulate certain data. Vulnerabilities #1 and #2 are reported in version 8.0.0. 3) An unspecified error in the User Interface subcomponent of the UIF Server component can be exploited to disclose certain data. This vulnerability is reported in versions 8.0.0 and 8.1.1. SOLUTION: Apply fix (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 15:18:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 00:18:28 +0200 Subject: [SEC] [SA46507] Oracle Agile PLM for Process Information Disclosure Vulnerability Message-ID: <201110222218.p9MMISGP006513@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Agile PLM for Process Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA46507 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46507/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46507 RELEASE DATE: 2011-10-22 DISCUSS ADVISORY: http://secunia.com/advisories/46507/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46507/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46507 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oracle Agile PLM (Product Lifecycle Management) for Process, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error in the Supplier Portal component and can be exploited to disclose certain data. The vulnerability is reported in versions 5.2.2, 6.0.0.2, 6.0.0.3, and 6.0.0.4. SOLUTION: Apply updates (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported this vulnerability as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 15:53:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 00:53:27 +0200 Subject: [SEC] [SA46501] Avaya Identity Engines Ignition Server GIOP Processing Security Bypass Vulnerability Message-ID: <201110222253.p9MMrRiI029955@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Avaya Identity Engines Ignition Server GIOP Processing Security Bypass Vulnerability SECUNIA ADVISORY ID: SA46501 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46501/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46501 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46501/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46501/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46501 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Avaya Identity Engines Ignition Server, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA46492 The vulnerability is reported in versions 6.0.x. SOLUTION: Upgrade to version 7.0.2. PROVIDED AND/OR DISCOVERED BY: AbdulAziz Hariri, ThirdEyeTesters via ZDI. ORIGINAL ADVISORY: Avaya: http://support.avaya.com/css/P8/documents/100148155 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-293/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 16:17:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 01:17:14 +0200 Subject: [SEC] [SA46492] Avaya Identity Engines Ignition Server GIOP Processing Security Bypass Vulnerability Message-ID: <201110222317.p9MNHEkb020406@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Avaya Identity Engines Ignition Server GIOP Processing Security Bypass Vulnerability SECUNIA ADVISORY ID: SA46492 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46492/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46492 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46492/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46492/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46492 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Avaya Identity Engines Ignition Server, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to an error in the AdminAccountManager process when handling GIOP requests and can be exploited to gain access to administrative functions without authentication via specially crafted GIOP packets sent to TCP port 23456 and 23457. The vulnerability is reported in versions prior to 7.0.2. SOLUTION: Update to version 7.0.2 PROVIDED AND/OR DISCOVERED BY: AbdulAziz Hariri, ThirdEyeTesters via ZDI. ORIGINAL ADVISORY: Avaya: http://support.avaya.com/css/P8/documents/100148155 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-293/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 16:53:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 01:53:48 +0200 Subject: [SEC] [SA46505] Oracle PeopleSoft Enterprise Human Resource Management System Multiple Vulnerabilities Message-ID: <201110222353.p9MNrmfs011502@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle PeopleSoft Enterprise Human Resource Management System Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46505 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46505/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46505 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46505/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46505/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46505 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Oracle PeopleSoft Enterprise Human Resource Management System, which can be exploited by malicious users to disclose potentially sensitive information and manipulate certain data. 1) An unspecified error within the Candidate Gateway component can be exploited to disclose and manipulate certain data. 2) An unspecified error within the Job Profile Manager (JPM) component can be exploited to disclose and manipulate certain data. 3) An unspecified error within the eProfile component can be exploited to disclose and manipulate certain data. 4) An unspecified error within the Talent Acquisition Manager component can be exploited to disclose certain data. 5) An unspecified error within the eDevelopment component can be exploited to disclose certain data. The vulnerabilities are reported in versions 8.9, 9.0, and 9.1. SOLUTION: Apply fix (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: It is currently unclear who reported these vulnerabilities as the Oracle Critical Patch Update for October 2011 only provides a bundled list of credits. This section will be updated when/if the original reporter provides more information. ORIGINAL ADVISORY: Oracle: http://www.oracle.com/atechnetwork/topics/security/cpuoct2011-330135.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 17:18:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 02:18:44 +0200 Subject: [SEC] [SA46314] enkai Unspecified Cross-Site Scripting Vulnerability Message-ID: <201110230018.p9N0IioW001993@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: enkai Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46314 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46314/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46314 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46314/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46314/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46314 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in enkai, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version enkai030511. Other versions may also be affected. SOLUTION: Update to version enkai110916. PROVIDED AND/OR DISCOVERED BY: JVN credits Ayumi Yamaguchi, Niconicom Co.,LTD. ORIGINAL ADVISORY: JVN (English): http://jvn.jp/en/jp/JVN03869266/index.html http://jvndb.jvn.jp/en/contents/2011/JVNDB-2011-000077.html JVN (Japanese): http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000077.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 17:51:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 02:51:39 +0200 Subject: [SEC] [SA46317] SUSE update for librsvg Message-ID: <201110230051.p9N0pdhk025355@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for librsvg SECUNIA ADVISORY ID: SA46317 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46317/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46317 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46317/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46317/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46317 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for librsvg. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library. For more information: SA45877 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1090-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00003.html SUSE-SU-2011:1092-1: https://hermes.opensuse.org/messages/12005108 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 18:17:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 03:17:51 +0200 Subject: [SEC] [SA46330] Cisco Adaptive Security Appliances Security Bypass and Denial of Service Vulnerabilities Message-ID: <201110230117.p9N1Hpbr015943@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Adaptive Security Appliances Security Bypass and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46330 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46330/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46330 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46330/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46330/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46330 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Cisco Adaptive Security Appliances (ASA), which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). For more information: SA46278 1) An error in the MSN IM inspection feature within the IM inspection engine can be exploited to cause a crash via specially crafted packets that transit the appliance. Successful exploitation requires that the MSN IM inspection is enabled (disabled by default). Note: The vulnerabilities only affect the Cisco ASA 5500 Series and Cisco Catalyst 6500 Series. Please see the vendor's advisory for a list of affected versions. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20111005-asa.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 18:53:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 03:53:15 +0200 Subject: [SEC] [SA46270] Debian update for icedove Message-ID: <201110230153.p9N1rFvf006975@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for icedove SECUNIA ADVISORY ID: SA46270 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46270/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46270 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46270/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46270/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46270 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for icedove. This fixes multiple vulnerabilities, which can be exploited by malicious people to compromise a user's system. For more information: SA46203 SA46205 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2317-1: http://www.debian.org/security/2011/dsa-2317 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 19:27:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 04:27:56 +0200 Subject: [SEC] [SA46326] IBM Rational AppScan Products Two Vulnerabilities Message-ID: <201110230227.p9N2RuGD029047@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM Rational AppScan Products Two Vulnerabilities SECUNIA ADVISORY ID: SA46326 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46326/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46326 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46326/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46326/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46326 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM Rational AppScan, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error in the import functionality can be exploited via a specially crafted ZIP file. NOTE: This only affects the Enterprise and Reporting Console editions. 2) An unspecified error in the load file functionality can be exploited via a specially crafted SCAN file. NOTE: This only affects the Standard and Express editions. Successful exploitation of these vulnerabilities may allow execution of arbitrary code, but requires tricking a user into opening a malicious file. Please see the vendor's advisory for a list of affected versions. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21515110 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 19:51:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 04:51:50 +0200 Subject: [SEC] [SA46310] WordPress Redirection Plugin "Referer" Header Script Insertion Vulnerability Message-ID: <201110230251.p9N2poth019512@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Redirection Plugin "Referer" Header Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46310 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46310/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46310 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46310/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46310/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46310 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Redirection plugin for WordPress, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "Referer" HTTP header when visiting non-existing posts is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is confirmed in version 2.2.9. Prior versions may also be affected. SOLUTION: Update to version 2.2.10. PROVIDED AND/OR DISCOVERED BY: dotxed ORIGINAL ADVISORY: Redirection: http://wordpress.org/extend/plugins/redirection/changelog/ http://plugins.trac.wordpress.org/changeset?reponame=&new=447262%40redirection&old=421721%40redirection OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 20:17:28 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 05:17:28 +0200 Subject: [SEC] [SA46278] Cisco Firewall Services Module Security Bypass and Denial of Service Vulnerabilities Message-ID: <201110230317.p9N3HSJA010038@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Firewall Services Module Security Bypass and Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46278 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46278/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46278 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46278/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46278/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46278 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Cisco Firewall Services Module (FWSM), which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). 1) An error in the implementation of the system log message ID 302015 when generating a log message for IPv6 traffic can be exploited to cause a memory corruption. Successful exploitation of this vulnerability requires that the FWSM has interfaces with IPv6 addresses. 2) An error in the authentication proxy feature during a high number of network access authentication requests related to the "aaa authentication match" and "aaa authentication include" commands can be exploited to cause a crash. 3) An error in the TACACS+ implementation can be exploited to bypass the TACACS+ authentication mechanism. 4) Four errors in the SunRPC inspection engine while processing certain SunRPC messages can be exploited to reload a device via specially crafted SunRPC packets that transit the appliance. 5) An error in the ILS inspection engine while processing certain ILS messages can be exploited to reload a device via specially crafted ILS packets that transit the appliance. The vulnerabilities are reported in versions 3.1, 3.2, 4.0, and 4.1. SOLUTION: Update to version 3.1(21), 3.2(22), 4.0(16), or 4.1(7). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20111005-fwsm.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 20:52:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 05:52:44 +0200 Subject: [SEC] [SA46332] Drupal Homebox Module Script Insertion Vulnerability Message-ID: <201110230352.p9N3qiwP001043@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Drupal Homebox Module Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46332 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46332/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46332 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46332/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46332/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46332 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Homebox module for Drupal, which can be exploited by malicious users to conduct script insertion attacks. Certain input is not properly sanitised in the Homebox OG submodule before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. Successful exploitation requires permissions to create or edit an Organic Groups node. The vulnerability is reported in versions 6.x-2.x. SOLUTION: The vulnerability is fixed in version 6.x-3.0-beta5 Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Greg Knaddison of the Drupal Security Team. ORIGINAL ADVISORY: SA-CONTRIB-2011-044: http://drupal.org/node/1300552 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 21:17:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 06:17:25 +0200 Subject: [SEC] [SA46328] WordPress WP-PostRatings Plugin "[ratings]" Shortcode SQL Injection Vulnerability Message-ID: <201110230417.p9N4HPcX024012@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress WP-PostRatings Plugin "[ratings]" Shortcode SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46328 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46328/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46328 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46328/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46328/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46328 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the WP-PostRatings plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "id" attribute of the "[ratings]" shortcode when creating posts is not properly sanitised in wp-content/plugins/wp-postratings/wp-postratings.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires the "Author" role. The vulnerability is confirmed in version 1.50 and reported in version 1.61. Prior versions may also be affected. SOLUTION: Update to version 1.62. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: WP-PostRatings: http://wordpress.org/extend/plugins/wp-postratings/changelog/ http://plugins.trac.wordpress.org/changeset/430970/wp-postratings/trunk/wp-postratings.php?old=355076&old_path=wp-postratings%2Ftrunk%2Fwp-postratings.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 21:51:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 06:51:20 +0200 Subject: [SEC] [SA46288] Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness Message-ID: <201110230451.p9N4pK3K014973@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apache HTTP Server mod_proxy Reverse Proxy Mode Security Bypass Weakness SECUNIA ADVISORY ID: SA46288 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46288/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46288 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46288/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46288/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46288 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Apache HTTP Server, which can be exploited by malicious people to bypass certain security restrictions. The weakness is caused due to the mod_proxy module, when configured in reverse proxy mode, incorrectly processing certain web requests. This can be exploited to send requests to an unintended server behind the proxy via a specially crafted URL. Successful exploitation requires the use of "ProxyPassMatch" and "RewriteRule" configuration directives with a certain pattern match. The weakness is reported in all 2.x versions. SOLUTION: Apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Michael Jordon and David Robinson, Context Information Security Ltd. ORIGINAL ADVISORY: Apache: http://mail-archives.apache.org/mod_mbox/httpd-announce/201110.mbox/browser Context Information Security Ltd: http://www.contextis.com/research/blog/reverseproxybypass/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 22 22:16:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 07:16:11 +0200 Subject: [SEC] [SA46329] IBM Rational AppScan Products Two Vulnerabilities Message-ID: <201110230516.p9N5GBRb005466@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM Rational AppScan Products Two Vulnerabilities SECUNIA ADVISORY ID: SA46329 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46329/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46329 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46329/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46329/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46329 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM Rational AppScan, which can be exploited by malicious people to compromise a user's system. For more information: SA46326 SOLUTION: Upgrade to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21515110 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 10:37:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 19:37:00 +0200 Subject: [SEC] [SA46309] Cisco Network Admission Control Directory Traversal Vulnerability Message-ID: <201110231737.p9NHb0iv032387@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Network Admission Control Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA46309 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46309/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46309 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46309/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46309/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46309 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco Network Admission Control (NAC), which can be exploited by malicious people to disclose sensitive information. Certain input passed to the management interface via the URL is not properly verified before being used. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. The vulnerability is reported in versions 4.8.x. SOLUTION: Update to version 4.9. PROVIDED AND/OR DISCOVERED BY: The vendor credits Nenad Stojanovski, Macedonian Telekom. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20111005-nac.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 11:36:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 20:36:42 +0200 Subject: [SEC] [SA46293] Kolab Server ByteRange Filter Denial of Service Vulnerability Message-ID: <201110231836.p9NIagQJ024668@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Kolab Server ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46293 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46293/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46293 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46293/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46293/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46293 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Kolab has acknowledged a vulnerability in Kolab Server, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 SOLUTION: Update to version 2.3.4. ORIGINAL ADVISORY: http://kolab.org/pipermail/kolab-announce/2011/000103.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 12:39:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 21:39:42 +0200 Subject: [SEC] [SA46242] Pale Moon Multiple Vulnerabilities Message-ID: <201110231939.p9NJdgEi017115@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Pale Moon Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46242 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46242/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46242 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46242/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46242/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46242 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Pale Moon, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46203 The vulnerabilities are reported in versions prior to 3.6.24. SOLUTION: Update to version 3.6.24. ORIGINAL ADVISORY: http://www.palemoon.org/releasenotes.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 13:39:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 22:39:32 +0200 Subject: [SEC] [SA46124] Pale Moon Multiple Vulnerabilities Message-ID: <201110232039.p9NKdWjf009384@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Pale Moon Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46124 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46124/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46124 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46124/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46124/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46124 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple weaknesses and vulnerabilities have been reported in Pale Moon, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46171 SOLUTION: Upgrade to version 7.0. ORIGINAL ADVISORY: http://www.palemoon.org/releasenotes-ng.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 14:32:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 23 Oct 2011 23:32:20 +0200 Subject: [SEC] [SA46245] FFmpeg Multiple Vulnerabilities Message-ID: <201110232132.p9NLWK4A001289@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: FFmpeg Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46245 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46245/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46245 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46245/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46245/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46245 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in FFmpeg, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a user's system. The vulnerabilities are caused due to various errors within the 4xm, ADPCM IMA Electronic Arts EACS, ANM, Electronic Arts CMV, PTX, QDM2, QuickDraw, TIFF, Tiertex Limited SEQ, aac, bink, flic, h264, indeo2, jpeg 2000, mpc v8, rasterfile, shorten, sun raster, vmd audio, vmd video, wmapro, wmavoice, and xan decoders, the 4X Technologies, Deluxe Paint Animation, avi, and avs demuxers, the libx264 interface to the x264 encoder, the unsharp filter, and the mov muxer, which can be exploited to e.g. cause NULL pointer dereferences, out-of-bounds reads and writes, double-frees, and buffer overflows via e.g. specially crafted media content. The vulnerabilities are reported in versions prior to 0.7.6 and 0.8.5. 1) A boundary error within the "cinvideo_decode_frame()" function (libavcodec/dsicinav.c) can be exploited to cause a heap based buffer overflow via a Delphine Software International CIN (*.CIN) file containing a frame with an overly large number of palette colors. 2) The "qdm2_decode_init()" function (libavcodec/qdm2.c) does not properly limit the number of channels, which can be exploited to e.g. cause an out-of-bounds write within the "fill_tone_level_array()" function (libavcodec/qdm2.c) via specially crafted media files. SOLUTION: Update to version 0.7.6 and 0.8.5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://ffmpeg.org/#pr7dot6and8dot5 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 15:04:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 00:04:35 +0200 Subject: [SEC] [SA46120] Barracuda Backup Multiple Script Insertion Vulnerabilities Message-ID: <201110232204.p9NM4Z9Z024628@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Barracuda Backup Multiple Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA46120 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46120/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46120 RELEASE DATE: 2011-10-23 DISCUSS ADVISORY: http://secunia.com/advisories/46120/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46120/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46120 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Benjamin Kunz Mejri has reported multiple vulnerabilities in Barracuda Backup, which can be exploited by malicious users to conduct script insertion attacks. Certain input passed to e.g. the e-mail filter, the expressions, and the exclusion rules modules is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in version 2.0. Other versions may also be affected. SOLUTION: Reportedly, the vendor has issued a fix. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: Benjamin Kunz Mejri (Rem0ve). ORIGINAL ADVISORY: http://www.vulnerability-lab.com/get_content.php?id=31 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 15:34:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 00:34:02 +0200 Subject: [SEC] [SA46244] Radfa Sabadkharid Arbitrary File Upload Vulnerability Message-ID: <201110232234.p9NMY2Jq015381@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Radfa Sabadkharid Arbitrary File Upload Vulnerability SECUNIA ADVISORY ID: SA46244 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46244/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46244 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46244/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46244/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46244 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Radfa Sabadkharid, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the wysiwyg/editor/filemanager/upload/php/upload.php script not properly validating uploaded file types, which can be exploited to e.g. execute arbitrary PHP code through an uploaded PHP file. SOLUTION: Reportedly, the vendor has issued a fix. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: St493r ORIGINAL ADVISORY: http://www.sabadkharid.com/news/19/%D9%82%D8%A7%D8%A8%D9%84-%D8%AA%D9%88%D8%AC%D9%87-%D9%85%D8%B4%D8%AA%D8%B1%DB%8C%D8%A7%D9%86-%D9%82%D8%AF%DB%8C%D9%85%DB%8C-%D9%86%D8%B3%D8%AE%D9%87-%D8%AD%D8%B1%D9%81%D9%87-%D8%A7%DB%8C!.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 16:05:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 01:05:44 +0200 Subject: [SEC] [SA46280] Cytel Products Cytel Studio Component File Processing Vulnerabilities Message-ID: <201110232305.p9NN5iIe006237@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cytel Products Cytel Studio Component File Processing Vulnerabilities SECUNIA ADVISORY ID: SA46280 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46280/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46280 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46280/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46280/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46280 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered multiple vulnerabilities in Cytel StatXact, Cytel LogXact, and Cytel CrossOver, which can be exploited by malicious people to compromise a user's system. 1) A boundary error in Cytel Studio (CeCEDll.dll) when processing Data files (".cy3" and ".cyl") can be exploited to cause a stack-based buffer overflow via a specially crafted file. 2) An integer overflow error in Cytel Studio when processing Data files (".cy3" and ".cyl") can be exploited to cause a heap-based buffer overflow via a specially crafted file. 3) A boundary error in Cytel Studio (cbf.exe) when processing Submit files (".cyb") can be exploited to cause a stack-based buffer overflow via an overly long string assigned to the "USE" command. Successful exploitation of these vulnerabilities allows execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerabilities are confirmed in version 9.0.0. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/cytel_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 16:32:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 01:32:42 +0200 Subject: [SEC] [SA46299] Perl Digest "Digest->new()" Code Injection Vulnerability Message-ID: <201110232332.p9NNWgGp029271@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Perl Digest "Digest->new()" Code Injection Vulnerability SECUNIA ADVISORY ID: SA46299 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46299/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46299 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46299/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46299/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46299 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Perl, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a vulnerability in the included Digest module. For more information: SA46279 SOLUTION: Fixed in the GIT repository. ORIGINAL ADVISORY: http://perl5.git.perl.org/perl.git/commit/a2fa999d41c94d622051667d897fedca90be1828 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 17:08:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 02:08:15 +0200 Subject: [SEC] [SA46289] Ubuntu update for puppet Message-ID: <201110240008.p9O08FU5020335@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for puppet SECUNIA ADVISORY ID: SA46289 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46289/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46289 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46289/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46289/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46289 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for puppet. This fixes multiple security issues, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA46286 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1223-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001435.html USN-1223-2: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001441.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 17:32:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 02:32:09 +0200 Subject: [SEC] [SA46264] WordPress EvoLve Theme "s" Cross-Site Scripting Vulnerability Message-ID: <201110240032.p9O0W9Ax010787@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress EvoLve Theme "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46264 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46264/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46264 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46264/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46264/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46264 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the EvoLve theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "s" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.2.6. Prior versions may also be affected. SOLUTION: Update to version 1.2.7. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: EvoLve: http://theme4press.com/evolve/#change Sitewatch: https://sitewat.ch/en/Advisories/10 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 18:05:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 03:05:48 +0200 Subject: [SEC] [SA46227] WordPress WP-Polls Plugin "[poll]" Shortcode SQL Injection Vulnerability Message-ID: <201110240105.p9O15m9X001699@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress WP-Polls Plugin "[poll]" Shortcode SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46227 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46227/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46227 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46227/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46227/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46227 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the WP-Polls plugin for WordPress, which can be exploited by malicious users to conduct SQL injection attacks. Input passed via the "id" attribute of the "[poll]" shortcode when creating posts is not properly sanitised in the "display_pollresult()" function in wp-content/plugins/wp-polls/wp-polls.php before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires the "Author" role. The vulnerability is confirmed in version 2.50 and reported in version 2.61. Prior versions may also be affected. SOLUTION: Update to version 2.62. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: WP-Polls: http://wordpress.org/extend/plugins/wp-polls/changelog/ http://plugins.trac.wordpress.org/changeset/430968/wp-polls/trunk/wp-polls.php?old=355075&old_path=wp-polls%2Ftrunk%2Fwp-polls.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 18:31:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 03:31:15 +0200 Subject: [SEC] [SA46257] SUSE update for MozillaFirefox Message-ID: <201110240131.p9O1VFNA024696@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for MozillaFirefox SECUNIA ADVISORY ID: SA46257 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46257/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46257 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46257/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46257/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46257 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for MozillaFirefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46203 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1079-1: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00030.html SUSE-SU-2011:1096-1: http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00001.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 18:51:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 03:51:44 +0200 Subject: [SEC] [SA46174] Cisco IOS Cisco 10000 Series Routers ICMP Denial of Service Vulnerability Message-ID: <201110240151.p9O1piLo015002@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco IOS Cisco 10000 Series Routers ICMP Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46174 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46174/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46174 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46174/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46174/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46174 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when processing ICMP packets, which can be exploited to reload a device by sending a series of ICMP packets. Note: This only affects the Cisco IOS on Cisco 10000 Series Routers. Please see the vendor's advisory for a list of affected versions. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110928-c10k.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 19:27:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 04:27:59 +0200 Subject: [SEC] [SA46287] OpenVZ update for kernel Message-ID: <201110240227.p9O2Rx8E007698@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: OpenVZ update for kernel SECUNIA ADVISORY ID: SA46287 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46287/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46287 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46287/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46287/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46287 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: OpenVZ has issued an update for the kernel. This fixes some weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious, local users in a guest virtual machine and malicious people to cause a DoS. For more information: SA45897 SOLUTION: Update kernel branch RHEL5 to version 028stab094.3. ORIGINAL ADVISORY: http://wiki.openvz.org/Download/kernel/rhel5/028stab094.3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 19:52:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 04:52:17 +0200 Subject: [SEC] [SA46286] Puppet Multiple Security Issues Message-ID: <201110240252.p9O2qH41030587@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Puppet Multiple Security Issues SECUNIA ADVISORY ID: SA46286 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46286/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46286 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46286/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46286/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46286 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple security issues have been reported in Puppet, which can be exploited by malicious, local users to perform certain actions with escalated privileges. 1) A race condition when handling SSH authorized keys can be exploited to e.g. change the permissions of arbitrary files via symlink attacks. 2) The ".k5login" file in a user's home directory is updated as the root user in an insecure manner, which can be exploited to e.g. replace another user's ".k5login" file via symlink attacks. 3) Puppet resource creates temporary files with a predictable filename when running in "--edit" mode, which can be exploited to trick another user into manipulating arbitrary files or running arbitrary Puppet code. Note: Additionally, a problem within the indirector/file.rb terminus base class exists. However, the problematic code is not used outside of unit tests. SOLUTION: Apply hotfixes for Puppet Enterprise versions 1.0, 1.1, and 1.2.x or update to Puppet versions 2.6.11 or 2.7.5. PROVIDED AND/OR DISCOVERED BY: 1) Ricky Zhou 2, 3) Reported by the vendor. ORIGINAL ADVISORY: http://groups.google.com/group/puppet-users/browse_thread/thread/91e3b46d2328a1cb# http://projects.puppetlabs.com/issues/9790 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 20:17:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 05:17:21 +0200 Subject: [SEC] [SA46261] Fedora update for drupal6-views_bulk_operations Message-ID: <201110240317.p9O3HLF4021127@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for drupal6-views_bulk_operations SECUNIA ADVISORY ID: SA46261 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46261/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46261 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46261/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46261/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46261 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for drupal6-views_bulk_operations. This fixes a vulnerability, which can be exploited by malicious users to conduct script insertion attacks. For more information: SA46114 SOLUTION: Apply updated packages via the yum utility ("yum update drupal6-views_bulk_operations"). ORIGINAL ADVISORY: FEDORA-2011-13235: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067080.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 20:53:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 05:53:12 +0200 Subject: [SEC] [SA46265] WordPress Pixiv Custom Theme "s" Cross-Site Scripting Vulnerability Message-ID: <201110240353.p9O3rCev012175@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Pixiv Custom Theme "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46265 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46265/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46265 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46265/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46265/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46265 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the Pixiv Custom theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "s" parameter to index.php is not properly sanitised in wp-content/themes/pixiv-custom/archive.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.1.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: https://sitewat.ch/en/Advisories/16 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 21:19:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 06:19:05 +0200 Subject: [SEC] [SA46235] BaserCMS Unspecified Cross-Site Scripting Vulnerability Message-ID: <201110240419.p9O4J5Ec002728@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: BaserCMS Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46235 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46235/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46235 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46235/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46235/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46235 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BaserCMS, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions 1.6.13.1 and prior. SOLUTION: Install patch or update to version 1.6.13.2 or later. PROVIDED AND/OR DISCOVERED BY: JVN credits Masako Ohno. ORIGINAL ADVISORY: JVN#09789751, Japanese: http://jvn.jp/jp/JVN09789751/index.html JVN#09789751, English: http://jvn.jp/en/jp/JVN09789751/index.html JVNDB-2011-000065: http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000065.html BaserCMS: http://basercms.net/patch/JVN09789751 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 21:55:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 06:55:05 +0200 Subject: [SEC] [SA46249] Fedora update for firefox and xulrunner Message-ID: <201110240455.p9O4t59w026242@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for firefox and xulrunner SECUNIA ADVISORY ID: SA46249 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46249/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46249 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46249/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46249/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46249 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46203 SOLUTION: Apply updated packages via the yum utility ("yum update firefox xulrunner"). ORIGINAL ADVISORY: FEDORA-2011-13467: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067092.html http://lists.fedoraproject.org/pipermail/package-announce/2011-October/067094.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 23 22:23:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 07:23:17 +0200 Subject: [SEC] [SA46136] Pantech Link "basicConstraints" X.509 Certificate Chain Validation Vulnerability Message-ID: <201110240523.p9O5NHl3016941@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Pantech Link "basicConstraints" X.509 Certificate Chain Validation Vulnerability SECUNIA ADVISORY ID: SA46136 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46136/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46136 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46136/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46136/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46136 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Pantech Link, which can be exploited by malicious people to conduct spoofing attacks. The vulnerability is caused due to an error when validating the "basicConstraints" parameter of certificates in the certificate chain. This can be exploited to spoof certificates of arbitrary domains and disclose encrypted information e.g. using a Man-in-the-Middle (MitM) attack. SOLUTION: Do not rely on the security provided by SSL when using the browser. PROVIDED AND/OR DISCOVERED BY: Paul Kehrer, Trustwave SpiderLabs. ORIGINAL ADVISORY: SpiderLabs: https://www.trustwave.com/spiderlabs/advisories/TWSL2011-014.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 10:40:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 19:40:27 +0200 Subject: [SEC] [SA46498] Gentoo update for rgmanager Message-ID: <201110241740.p9OHeRhC011213@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for rgmanager SECUNIA ADVISORY ID: SA46498 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46498/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46498 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46498/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46498/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46498 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for rgmanager. This fixes two security issues, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA43375 SOLUTION: Update to version "sys-cluster/rgmanager-2.03.09-r1" or later. ORIGINAL ADVISORY: GLSA 201110-18: http://www.gentoo.org/security/en/glsa/glsa-201110-18.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 11:51:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 20:51:14 +0200 Subject: [SEC] [SA46547] Gentoo update for dbus Message-ID: <201110241851.p9OIpEQk004054@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for dbus SECUNIA ADVISORY ID: SA46547 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46547/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46547 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46547/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46547/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46547 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for dbus. This fixes a weakness and a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA42580 SA44896 SOLUTION: Update to "sys-apps/dbus-1.4.12" or later. ORIGINAL ADVISORY: GLSA 201110-14: http://www.gentoo.org/security/en/glsa/glsa-201110-14.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 12:43:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 21:43:39 +0200 Subject: [SEC] [SA46503] Gentoo update for avahi Message-ID: <201110241943.p9OJhd9c028377@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for avahi SECUNIA ADVISORY ID: SA46503 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46503/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46503 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46503/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46503/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46503 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for avahi. This fixes some vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA40470 SA43361 SOLUTION: Update to version "net-dns/avahi-0.6.28-r1" or later. ORIGINAL ADVISORY: GLSA 201110-17: http://www.gentoo.org/security/en/glsa/glsa-201110-17.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 13:39:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 22:39:35 +0200 Subject: [SEC] [SA46541] Gentoo update for gnupg Message-ID: <201110242039.p9OKdZ0i020462@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for gnupg SECUNIA ADVISORY ID: SA46541 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46541/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46541 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46541/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46541/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46541 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for gnupg. This fixes a vulnerability, which can be exploited by malicious people to potentially compromise a user's system. For more information: SA38877 SOLUTION: Update to "app-crypt/gnupg-2.0.16-r1" or later. ORIGINAL ADVISORY: GLSA 201110-15: http://www.gentoo.org/security/en/glsa/glsa-201110-15.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 14:31:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 24 Oct 2011 23:31:50 +0200 Subject: [SEC] [SA46551] phpLDAPadmin Cross-Site Scripting and Code Injection Vulnerabilities Message-ID: <201110242131.p9OLVoes012376@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: phpLDAPadmin Cross-Site Scripting and Code Injection Vulnerabilities SECUNIA ADVISORY ID: SA46551 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46551/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46551 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46551/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46551/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46551 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in phpLDAPadmin, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. 1) Input appended to the URL in cmd.php (when "cmd" is set to "_debug") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "orderby" parameter in cmd.php (when "cmd" is set to "query_engine", "query" is set to "none", and "search" is set to e.g. "1") is not properly sanitised in lib/functions.php before being used in a "create_function()" function call. This can be exploited to inject and execute arbitrary PHP code. The vulnerabilities are confirmed in version 1.2.1.1. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: 1) Disclosed in a GIT commit. 2) EgiX ORIGINAL ADVISORY: EgiX: http://www.exploit-db.com/exploits/18021/ phpLDAPadmin: http://sourceforge.net/tracker/index.php?func=detail&aid=3417184&group_id=61828&atid=498546 http://phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin/phpldapadmin;a=commit;h=64668e882b8866fae0fa1b25375d1a2f3b4672e2 http://phpldapadmin.git.sourceforge.net/git/gitweb.cgi?p=phpldapadmin/phpldapadmin;a=commit;h=76e6dad13ef77c5448b8dfed1a61e4acc7241165 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 15:03:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 00:03:22 +0200 Subject: [SEC] [SA46575] FreeType Multiple Vulnerabilities Message-ID: <201110242203.p9OM3MsQ003221@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: FreeType Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46575 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46575/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46575 RELEASE DATE: 2011-10-24 DISCUSS ADVISORY: http://secunia.com/advisories/46575/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46575/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46575 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Some vulnerabilities have been reported in FreeType, which can be exploited by malicious people to compromise an application using the library. The vulnerabilities are caused due to unspecified errors. No further information is currently available. The vulnerabilities are reported in versions prior to 2.4.7. SOLUTION: Update to version 2.4.7. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://sourceforge.net/projects/freetype/files/freetype2/2.4.7/README/view OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 15:32:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 00:32:36 +0200 Subject: [SEC] [SA46546] SUSE update for krb5 Message-ID: <201110242232.p9OMWals026366@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for krb5 SECUNIA ADVISORY ID: SA46546 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46546/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46546 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46546/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46546/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46546 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for krb5. This fixes a security issue and two vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service). For more information: SA45145 SA46494 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1169-1: http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00009.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 16:03:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 01:03:45 +0200 Subject: [SEC] [SA46530] Gentoo update for cyrus-imapd Message-ID: <201110242303.p9ON3jJB017222@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for cyrus-imapd SECUNIA ADVISORY ID: SA46530 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46530/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46530 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46530/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46530/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46530 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for cyrus-imapd. This fixes some vulnerabilities, which can be exploited by malicious users and malicious people to cause a DoS (Denial of Service) and by malicious users to compromise a vulnerable system. For more information: SA36629 SA45938 SOLUTION: Update to version "net-mail/cyrus-imapd-2.4.12" or later. ORIGINAL ADVISORY: GLSA 201110-16: http://www.gentoo.org/security/en/glsa/glsa-201110-16.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 16:31:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 01:31:56 +0200 Subject: [SEC] [SA46473] Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities Message-ID: <201110242331.p9ONVufT007881@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle AutoVue ActiveX Control Insecure Method Vulnerabilities SECUNIA ADVISORY ID: SA46473 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46473/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46473 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46473/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46473/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46473 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: rgod has discovered multiple vulnerabilities in Oracle AutoVue, which can be exploited by malicious people to compromise a user's system. 1) The insecure "ExportEdaBom()" method within the AUTOVUEX.AutoVueXCtrl.1 control (AutoVueX.ocx) can be exploited to create or overwrite arbitrary files in the context of the currently logged-on user. 2) The insecure "Export3DBom()" method within the AUTOVUEX.AutoVueXCtrl.1 control (AutoVueX.ocx) can be exploited to create or overwrite arbitrary files in the context of the currently logged-on user. 3) The insecure "SaveViewStateToFile()" method within the AUTOVUEX.AutoVueXCtrl.1 control (AutoVueX.ocx) can be exploited to create or overwrite arbitrary files in the context of the currently logged-on user. Successful exploitation of the vulnerabilities allows execution of arbitrary code. The vulnerabilities are confirmed in version 20.0.2 build 7910 (AutoVueX.ocx 20.1.1.7910). Other versions may also be affected. SOLUTION: Set the kill-bit for the affected ActiveX control. PROVIDED AND/OR DISCOVERED BY: rgod ORIGINAL ADVISORY: http://retrogod.altervista.org/9sg_autovue.html http://retrogod.altervista.org/9sg_autovueii.html http://retrogod.altervista.org/9sg_autovueiii.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 17:06:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 02:06:32 +0200 Subject: [SEC] [SA46556] Cyclope Internet Filtering Proxy Request Processing Denial of Service Vulnerability Message-ID: <201110250006.p9P06W2p031307@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cyclope Internet Filtering Proxy Request Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46556 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46556/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46556 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46556/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46556/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46556 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: loneferret has discovered a vulnerability in Cyclope Internet Filtering Proxy, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error when processing certain requests and can be exploited to crash the CEPMServer module via an overly long request sent to TCP port 8585. The vulnerability is confirmed in version 4.0 build 300. Other versions may also be affected. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: loneferret ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18017/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 17:32:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 02:32:07 +0200 Subject: [SEC] [SA46489] Linux Kernel ext4 Extent Splitting Denial of Service Vulnerability Message-ID: <201110250032.p9P0W7Ob021872@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Linux Kernel ext4 Extent Splitting Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46489 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46489/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46489 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46489/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46489/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46489 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). An error within the implementation of the ext4 file system when splitting extents can be exploited to cause a "BUG_ON()". The vulnerability is reported in version 2.6.39.4. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Red Hat credits Zheng Liu. ORIGINAL ADVISORY: Red Hat Bug #747642: https://bugzilla.redhat.com/show_bug.cgi?id=747942 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=667eff35a1f56fa74ce98a0c7c29a40adc1ba4e3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 18:03:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 03:03:53 +0200 Subject: [SEC] [SA46437] TYPO3 PMK SlimBox Extension Cross-Site Scripting and File Disclosure Vulnerabilities Message-ID: <201110250103.p9P13rSB012735@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: TYPO3 PMK SlimBox Extension Cross-Site Scripting and File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA46437 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46437/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46437 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46437/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46437/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46437 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the PMK SlimBox extension for TYPO3, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks. 1) Certain input passed to filenames is not properly verified before being used to download files. This can be exploited to download arbitrary files from local resources. 2) Certain input passed to filenames is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 3.1.0 and prior. SOLUTION: The vendor recommends to uninstall and delete the extension folder. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: TYPO3-EXT-SA-2011-015: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-015/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 18:35:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 03:35:18 +0200 Subject: [SEC] [SA46408] Toshiba E-Studio Multifunction Printers Management Interface Security Bypass Vulnerability Message-ID: <201110250135.p9P1ZISu003561@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Toshiba E-Studio Multifunction Printers Management Interface Security Bypass Vulnerability SECUNIA ADVISORY ID: SA46408 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46408/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46408 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46408/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46408/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46408 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Toshiba E-Studio Multifunction Printers, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to the device not authenticating certain web requests to the management interface and can be exploited to bypass the authentication mechanism by appending a '/' to "/TopAccess/" in the URL. SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Deral Heiland PercX. ORIGINAL ADVISORY: http://www.foofus.net/?page_id=411 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 19:19:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 04:19:45 +0200 Subject: [SEC] [SA46564] Debian update for kfreebsd-8 Message-ID: <201110250219.p9P2JjHD027843@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for kfreebsd-8 SECUNIA ADVISORY ID: SA46564 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46564/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46564 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46564/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46564/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46564 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for kfreebsd-8. This fixes a vulnerability, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA46202 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2325-1: http://www.debian.org/security/2011/dsa-2325 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 19:56:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 04:56:13 +0200 Subject: [SEC] [SA46493] Jara "id" SQL Injection Vulnerability Message-ID: <201110250256.p9P2uDhH019058@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Jara "id" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46493 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46493/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46493 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46493/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46493/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46493 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Jara, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "id" parameter to view.php is not properly sanitised in the "jara_write_post()" function in include/templating_fns.php before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 1.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: muuratsalo OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 20:20:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 05:20:40 +0200 Subject: [SEC] [SA46560] OpenEMR Multiple SQL Injection Vulnerabilities Message-ID: <201110250320.p9P3KeQQ009545@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: OpenEMR Multiple SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46560 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46560/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46560 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46560/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46560/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46560 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in OpenEMR, which can be exploited by malicious users to conduct SQL injection attacks. 1) Input passed via the "provider_id" and "pc_category" parameters to interface/main/calendar/index.php (when "module" is set to "PostCalendar" and "func" is set to "search") is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed via the "form_patient_id" parameter to interface/reports/chart_location_activity.php is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability requires that "magic_quotes_gpc" is disabled. The vulnerabilities are confirmed in version 4.1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Mehdi Boukazoula and Houssam Sahli OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 20:51:02 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 05:51:02 +0200 Subject: [SEC] [SA46561] WordPress Chennai Theme "s" Cross-Site Scripting Vulnerability Message-ID: <201110250351.p9P3p2gI032756@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Chennai Theme "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46561 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46561/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46561 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46561/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46561/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46561 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Mr.PaPaRoSSe has discovered a vulnerability in the Chennai theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "s" parameter to index.php is not properly sanitised in wp-content/themes/chennai/search.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.0. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Mr.PaPaRoSSe ORIGINAL ADVISORY: http://paparosse.blogspot.com/2011/10/wordpress-themecity-cross-site.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 21:17:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 06:17:56 +0200 Subject: [SEC] [SA46573] Joomla! Freestyle FAQs and Testimonials Components Unspecified SQL Injection Vulnerability Message-ID: <201110250417.p9P4HuJO023380@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! Freestyle FAQs and Testimonials Components Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46573 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46573/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46573 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46573/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46573/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46573 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Freestyle FAQs and Freestyle Testimonials components for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.5.6. Other versions may also be affected. SOLUTION: Update to version 1.9. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Freestyle: http://freestyle-joomla.com/index.php?announceid=43 Joomla: http://docs.joomla.org/Vulnerable_Extensions_List#Freestyle_FAQ_1.5.6 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 21:56:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 06:56:13 +0200 Subject: [SEC] [SA46491] Gentoo update for clamav Message-ID: <201110250456.p9P4uDLw014591@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for clamav SECUNIA ADVISORY ID: SA46491 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46491/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46491 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46491/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46491/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46491 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for clamav. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA41503 SA42426 SA43392 SA45382 SA46455 SOLUTION: Update to version "app-antivirus/clamav-0.97.3" or later. ORIGINAL ADVISORY: GLSA 201110-20: http://www.gentoo.org/security/en/glsa/glsa-201110-20.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 24 22:26:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 07:26:39 +0200 Subject: [SEC] [SA46499] TYPO3 PMK Shadowbox Extension Cross-Site Scripting and File Disclosure Vulnerabilities Message-ID: <201110250526.p9P5Qd55005366@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: TYPO3 PMK Shadowbox Extension Cross-Site Scripting and File Disclosure Vulnerabilities SECUNIA ADVISORY ID: SA46499 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46499/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46499 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46499/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46499/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46499 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the PMK Shadowbox extension for TYPO3, which can be exploited by malicious people to disclose potentially sensitive information and conduct cross-site scripting attacks. 1) Certain input passed to filenames is not properly verified before being used to download files. This can be exploited to download arbitrary files from local resources. 2) Certain input passed to filenames is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in version 3.2.0 and prior. SOLUTION: Update to version 3.2.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: TYPO3-EXT-SA-2011-015: http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2011-015/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 10:40:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 19:40:45 +0200 Subject: [SEC] [SA46568] Gentoo update for postgresql Message-ID: <201110251740.p9PHejo6031947@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for postgresql SECUNIA ADVISORY ID: SA46568 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46568/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46568 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46568/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46568/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46568 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for postgresql. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service), gain escalated privileges, and compromise a vulnerable system and by malicious people to conduct spoofing attacks and bypass certain security restrictions. For more information: SA34206 SA36660 SA37663 SA39566 SA39845 SA41692 SA43144 SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: GLSA 201110-22: http://security.gentoo.org/glsa/glsa-201110-22.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 11:38:18 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 20:38:18 +0200 Subject: [SEC] [SA46565] Alcatel-Lucent Business integrated Communication Solution Multiple Vulnerabilities Message-ID: <201110251838.p9PIcIHH024112@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Alcatel-Lucent Business integrated Communication Solution Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46565 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46565/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46565 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46565/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46565/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46565 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Alcatel-Lucent has acknowledged multiple vulnerabilities in Alcatel-Lucent Business integrated Communication Solution, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. The vulnerabilities are caused due to a vulnerable bundled version of the Alcatel-Lucent Instant Communication Suite (ICS). For more information: SA46562 Please see the vendor's advisory for a list of affected versions. SOLUTION: Install patch or upgrade and install patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Tobias Glemser, Tele-Consulting ORIGINAL ADVISORY: TC-SA-2011-01: http://www.tele-consulting.com/advisories/TC-SA-2011-01.txt Alcatel-Lucent: http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2011003.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 12:43:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 21:43:30 +0200 Subject: [SEC] [SA46562] Alcatel-Lucent OmniTouch 8400 Instant Communication Suite Multiple Vulnerabilities Message-ID: <201110251943.p9PJhUHI016688@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Alcatel-Lucent OmniTouch 8400 Instant Communication Suite Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46562 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46562/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46562 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46562/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46562/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46562 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Tele-Consulting has reported multiple vulnerabilities in Alcatel-Lucent OmniTouch 8400 Instant Communication Suite, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input passed to the "list" parameter in websoftphone/jsp/CBCallBackCont.jsp, the "udatab" parameter in /websoftphone/jsp/PhoneBookCont.jsp, the "openwin" parameter in websoftphone/jsp/CustoData.jsp, the "sessionid" parameter in websoftphone/jsp/RTCNavigator.jsp, the "next" parameter in /websoftphone/servlet/DispLogon, the "main" parameter in /websoftphone/servlet/DispLogon, and the "action" parameter in ClientMgmt/ClientMgmt is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain input related to the phonebook input fields is not properly sanitised before being used. This can be exploited to insert HTML and script code, which will be executed in a user's browser session in context of an affected site if malicious data is viewed. 3) The application allows users to perform certain actions via HTTP requests without performing proper validity checks to verify the requests. This can be exploited to e.g. set "Do Not Disturb" (DND), lock a phone, dial a number, or set call forwarding when a logged-in user visits a specially crafted web page. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply hotfix or upgrade and apply the hotfix. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Tobias Glemser, Tele-Consulting ORIGINAL ADVISORY: TC-SA-2011-01: http://www.tele-consulting.com/advisories/TC-SA-2011-01.txt Alcatel-Lucent: http://www.alcatel-lucent.com/wps/DocumentStreamerServlet?LMSG_CABINET=Corporate&LMSG_CONTENT_FILE=Support/Security/2011003.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 13:47:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 22:47:39 +0200 Subject: [SEC] [SA46570] McAfee Web Gateway Unspecified Cross-Site Scripting Vulnerability Message-ID: <201110252047.p9PKld4T009175@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: McAfee Web Gateway Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46570 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46570/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46570 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46570/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46570/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46570 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in McAfee Web Gateway, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input pass to the web interface is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in versions prior to 7.1.5.2. SOLUTION: Update to version 7.1.5.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: https://kc.mcafee.com/resources/sites/MCAFEE/content/live/PRODUCT_DOCUMENTATION/23000/PD23455/en_US/mwg_7152_release_notes.pdf OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 14:33:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 25 Oct 2011 23:33:57 +0200 Subject: [SEC] [SA46572] Novell Netware HTTP Server ByteRange Filter Denial of Service Vulnerability Message-ID: <201110252133.p9PLXvAJ000755@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Novell Netware HTTP Server ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46572 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46572/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46572 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46572/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46572/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46572 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Novell has acknowledged a vulnerability in Novell Netware, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 The vulnerability is reported in version 6.5 Support Pack 6, 7, and 8. SOLUTION: Restrict access to trusted hosts only. ORIGINAL ADVISORY: http://www.novell.com/support/viewContent.do?externalId=7009621 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 15:06:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 00:06:25 +0200 Subject: [SEC] [SA46578] Ubuntu update for puppet Message-ID: <201110252206.p9PM6Pfg024127@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for puppet SECUNIA ADVISORY ID: SA46578 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46578/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46578 RELEASE DATE: 2011-10-25 DISCUSS ADVISORY: http://secunia.com/advisories/46578/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46578/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46578 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for puppet. This fixes a vulnerability, which can be exploited by malicious users to conduct spoofing attacks. For more information: SA46550 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1238-1: http://www.ubuntu.com/usn/usn-1238-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 15:33:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 00:33:42 +0200 Subject: [SEC] [SA46567] SUSE update for etherape Message-ID: <201110252233.p9PMXgXD014761@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for etherape SECUNIA ADVISORY ID: SA46567 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46567/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46567 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46567/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46567/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46567 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for etherape. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45989 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1176-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00029.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 16:05:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 01:05:20 +0200 Subject: [SEC] [SA46559] zFTPServer "CWD" Denial of Service Vulnerability Message-ID: <201110252305.p9PN5KD7005634@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: zFTPServer "CWD" Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46559 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46559/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46559 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46559/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46559/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46559 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in zFTPServer, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the handling of the "CWD" command, which can be exploited to cause a crash by sending specially crafted "CWD" commands. The vulnerability is reported in a version dated 2011-04-13 08:59. Other versions may also be affected. SOLUTION: Upgrade to a version dated after 2011-10-05. PROVIDED AND/OR DISCOVERED BY: Myo Soe, YGN Ethical Hacker Group ORIGINAL ADVISORY: Myo Soe: http://core.yehg.net/lab/pr0js/advisories/%5Bzftpserver_2011-04-13%5D_stat,cwd_dos zFTPServer: http://forum.zftpserver.com/viewtopic.php?f=4&t=2854 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 16:53:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 01:53:41 +0200 Subject: [SEC] [SA46586] Zope Unspecified Vulnerability Message-ID: <201110252353.p9PNrfJb018539@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Zope Unspecified Vulnerability SECUNIA ADVISORY ID: SA46586 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46586/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46586 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46586/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46586/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46586 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability with an unknown impact has been reported in Zope. The vulnerability is caused due to an unspecified error. No further information is currently available. The vulnerability is reported in versions 2.12.20 and prior and versions 2.13.6 and prior. SOLUTION: Apply the Products.Zope_Hotfix_20111024 hotfix. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://permalink.gmane.org/gmane.comp.web.zope.announce/1510 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 16:53:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 01:53:46 +0200 Subject: [SEC] [SA46413] Wing FTP Server Unspecified Information Disclosure Vulnerability Message-ID: <201110252353.p9PNrkuw018641@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Wing FTP Server Unspecified Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA46413 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46413/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46413 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46413/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46413/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46413 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Wing FTP Server, which can be exploited by malicious users to disclose potentially sensitive information. The vulnerability is caused due to an unspecified error related to the HTTP protocol. No further information is currently available. The vulnerability is reported in versions prior to 4.0.1. SOLUTION: Update to version 4.0.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.wftpserver.com/serverhistory.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 17:24:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 02:24:04 +0200 Subject: [SEC] [SA46555] SUSE update for fail2ban Message-ID: <201110260024.p9Q0O4uM009800@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for fail2ban SECUNIA ADVISORY ID: SA46555 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46555/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46555 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46555/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46555/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46555 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for fail2ban. This fixes some weaknesses, which can be exploited by malicious, local users to perform certain actions with escalated privileges. For more information: SA44253 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1175-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00028.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 17:51:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 02:51:49 +0200 Subject: [SEC] [SA46580] Ubuntu update for pam Message-ID: <201110260051.p9Q0pnXg000428@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for pam SECUNIA ADVISORY ID: SA46580 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46580/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46580 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46580/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46580/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46580 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for pam. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. For more information: SA46583 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1237-1: http://www.ubuntu.com/usn/usn-1237-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 18:19:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 03:19:08 +0200 Subject: [SEC] [SA46558] Wing FTP Server Unspecified Information Disclosure Vulnerability Message-ID: <201110260119.p9Q1J8rf023540@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Wing FTP Server Unspecified Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA46558 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46558/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46558 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46558/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46558/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46558 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Wing FTP Server, which can be exploited by malicious users to disclose potentially sensitive information. For more information: SA46413 The vulnerability is reported in versions 3.x. SOLUTION: Upgrade to version 4.0.1. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.wftpserver.com/serverhistory.htm OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 18:53:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 03:53:09 +0200 Subject: [SEC] [SA46553] PacketFence "p" and "destination_url" Cross-Site Scripting Vulnerabilities Message-ID: <201110260153.p9Q1r9PH014534@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: PacketFence "p" and "destination_url" Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA46553 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46553/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46553 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46553/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46553/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46553 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in PacketFence, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Input passed via the "p" parameter to html/admin/login.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "destination_url" parameter to e.g. html/admin/guest-management.cgi, html/captive-portal/email_activation.cgi, and html/captive-portal/register.cgi is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 3.0.2. SOLUTION: Update to version 3.0.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits Matthew Daley. ORIGINAL ADVISORY: http://www.mail-archive.com/packetfence-announce%40lists.sourceforge.net/msg00018.html http://www.packetfence.org/bugs/view.php?id=1292 http://www.packetfence.org/bugs/view.php?id=1296 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 19:31:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 04:31:22 +0200 Subject: [SEC] [SA46552] SUSE update for opera Message-ID: <201110260231.p9Q2VMHr006202@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for opera SECUNIA ADVISORY ID: SA46552 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46552/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46552 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46552/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46552/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46552 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for opera. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. For more information: SA46375 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1172-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00027.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 19:53:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 04:53:00 +0200 Subject: [SEC] [SA46566] Alsbtain Bulletin "act" Local File Inclusion Vulnerability Message-ID: <201110260253.p9Q2r0fR028992@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Alsbtain Bulletin "act" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA46566 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46566/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46566 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46566/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46566/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46566 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Alsbtain Bulletin, which can be exploited by malicious people to disclose sensitive information. Input passed via the "act" parameter to index.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. Successful exploitation requires that "magic_quotes_gpc" is disabled. The vulnerability is confirmed in version 1.6. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: Null H4ck3r OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 20:21:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 05:21:38 +0200 Subject: [SEC] [SA46579] Debian update for libfcgi-perl Message-ID: <201110260321.p9Q3LcGb019707@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for libfcgi-perl SECUNIA ADVISORY ID: SA46579 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46579/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46579 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46579/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46579/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46579 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for libfcgi-perl. This fixes a security issue, which can be exploited by malicious people to bypass certain security restrictions. For more information: SA46263 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2327-1: http://www.debian.org/security/2011/dsa-2327 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 20:52:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 05:52:57 +0200 Subject: [SEC] [SA46544] Debian update for freetype Message-ID: <201110260352.p9Q3qvWn010551@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for freetype SECUNIA ADVISORY ID: SA46544 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46544/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46544 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46544/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46544/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46544 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for freetype. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA46575 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2328-1: http://www.debian.org/security/2011/dsa-2328 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 21:17:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 06:17:14 +0200 Subject: [SEC] [SA46548] Gentoo update for asterisk Message-ID: <201110260417.p9Q4HE5F000991@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for asterisk SECUNIA ADVISORY ID: SA46548 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46548/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46548 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46548/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46548/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46548 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for asterisk. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and cause a DoS (Denial of Service) and by malicious people to determine valid usernames, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA43429 SA43722 SA44197 SA44707 SA45048 SA46420 SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: GLSA 201110-21: http://security.gentoo.org/glsa/glsa-201110-21.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 21:51:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 06:51:27 +0200 Subject: [SEC] [SA46549] Debian update for pam Message-ID: <201110260451.p9Q4pRS5024456@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for pam SECUNIA ADVISORY ID: SA46549 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46549/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46549 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46549/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46549/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46549 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for pam. This fixes two vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. For more information: SA46583 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2326-1: http://www.debian.org/security/2011/dsa-2326 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Tue Oct 25 22:18:51 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 07:18:51 +0200 Subject: [SEC] [SA46563] SUSE update for clamav Message-ID: <201110260518.p9Q5IpVH015109@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for clamav SECUNIA ADVISORY ID: SA46563 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46563/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46563 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46563/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46563/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46563 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for clamav. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA46455 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1177-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00030.html SUSE-SU-2011:1178-1: https://hermes.opensuse.org/messages/12174646 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 10:40:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 19:40:19 +0200 Subject: [SEC] [SA46590] Ubuntu update for linux Message-ID: <201110261740.p9QHeJ9J009625@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA46590 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46590/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46590 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46590/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46590/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46590 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS. For more information: SA44091 SA45193 SA45489 SA45936 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1243-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001463.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 11:37:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 20:37:52 +0200 Subject: [SEC] [SA46595] Ubuntu update for linux-lts-backport-maverick Message-ID: <201110261837.p9QIbqqn001770@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-lts-backport-maverick SECUNIA ADVISORY ID: SA46595 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46595/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46595 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46595/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46595/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46595 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-lts-backport-maverick. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS. For more information: SA44091 SA45193 SA45489 SA45936 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1242-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001457.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 12:52:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 21:52:36 +0200 Subject: [SEC] [SA46589] Ubuntu update for linux-ec2 Message-ID: <201110261952.p9QJqaXB027275@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-ec2 SECUNIA ADVISORY ID: SA46589 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46589/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46589 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46589/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46589/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46589 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-ec2. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA44754 SA45193 SA45489 SA45695 SA46251 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1239-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001461.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 13:36:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 22:36:47 +0200 Subject: [SEC] [SA46585] Ubuntu update for linux Message-ID: <201110262036.p9QKaloQ018777@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux SECUNIA ADVISORY ID: SA46585 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46585/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46585 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46585/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46585/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46585 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux. This fixes multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA44754 SA45193 SA45420 SA45695 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1246-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001464.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 14:31:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 23:31:13 +0200 Subject: [SEC] [SA46571] Ubuntu update for linux-ti-omap4 Message-ID: <201110262131.p9QLVDAr010777@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-ti-omap4 SECUNIA ADVISORY ID: SA46571 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46571/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46571 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46571/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46571/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46571 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-ti-omap4. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS. For more information: SA42094 SA44754 SA45193 SA45489 SA45936 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1244-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001458.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 14:51:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Wed, 26 Oct 2011 23:51:10 +0200 Subject: [SEC] [SA46587] Ubuntu update for linux-mvl-dove Message-ID: <201110262151.p9QLpAwY001025@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-mvl-dove SECUNIA ADVISORY ID: SA46587 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46587/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46587 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46587/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46587/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46587 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-mvl-dove. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and gain escalated privileges and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA44754 SA45193 SA45489 SA45695 SA46251 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1240-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001459.html USN-1245-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001460.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 15:15:52 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 00:15:52 +0200 Subject: [SEC] [SA46598] Ubuntu update for linux-fsl-imx51 Message-ID: <201110262215.p9QMFq8m023993@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-fsl-imx51 SECUNIA ADVISORY ID: SA46598 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46598/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46598 RELEASE DATE: 2011-10-26 DISCUSS ADVISORY: http://secunia.com/advisories/46598/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46598/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46598 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-fsl-imx51. This fixes multiple weaknesses and vulnerabilities, which can be exploited by malicious, local users to disclose certain system information, cause a DoS (Denial of Service), and gain escalated privileges and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA40205 SA44094 SA44754 SA45193 SA45420 SA45489 SA45695 SA46251 SA46539 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1241-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-October/001462.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 15:50:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 00:50:46 +0200 Subject: [SEC] [SA46582] phpMyFAQ Code Injection Vulnerability Message-ID: <201110262250.p9QMokq9015036@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: phpMyFAQ Code Injection Vulnerability SECUNIA ADVISORY ID: SA46582 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46582/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46582 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46582/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46582/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46582 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in phpMyFAQ, which can be exploited by malicious users to compromise a vulnerable system. Input passed via the POST parameters to admin/editor/plugins/ajaxfilemanager/ajax_create_folder.php is not properly sanitised before being stored. This can be exploited to execute arbitrary PHP code by passing specially crafted values to the affected script. The vulnerability is confirmed in version 2.7.0. Other versions may also be affected. SOLUTION: Update to version 2.6.19 or 2.7.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits EgiX. ORIGINAL ADVISORY: phpMyFAQ Security Advisory 2011-10-25: http://www.phpmyfaq.de/advisory_2011-10-25.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 16:17:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 01:17:29 +0200 Subject: [SEC] [SA46602] WordPress NextGEN Gallery Plugin Cross-Site Scripting and Request Forgery Vulnerabilities Message-ID: <201110262317.p9QNHT7n005650@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress NextGEN Gallery Plugin Cross-Site Scripting and Request Forgery Vulnerabilities SECUNIA ADVISORY ID: SA46602 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46602/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46602 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46602/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46602/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46602 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been discovered in the NextGEN Gallery plugin for WordPress, which can be exploited by malicious people to conduct cross-site scripting and cross-site request forgery attacks. 1) Input pass via the "search" parameter to wp-admin/admin.php (when "page" is set to "nggallery-tags") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) The application allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to e.g. delete certain tags by tricking a logged in administrative user into visiting a malicious web site. The vulnerabilities are confirmed in version 1.8.3. Prior versions may also be affected. SOLUTION: Update to version 1.8.4. PROVIDED AND/OR DISCOVERED BY: The vendor credits Alain Schneider. ORIGINAL ADVISORY: NextGEN Gallery: http://wordpress.org/extend/plugins/nextgen-gallery/changelog/ http://plugins.trac.wordpress.org/changeset/455791/nextgen-gallery/trunk/admin/tags.php?old=286415&old_path=nextgen-gallery%2Ftrunk%2Fadmin%2Ftags.php OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 16:50:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 01:50:40 +0200 Subject: [SEC] [SA46593] SUSE update for hplip Message-ID: <201110262350.p9QNoeek029008@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for hplip SECUNIA ADVISORY ID: SA46593 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46593/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46593 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46593/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46593/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46593 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for hplip. This fixes a weakness, which can be exploited by malicious, local users to manipulate certain data. For more information see weakness #2 in: SA42956 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1183-1: https://hermes.opensuse.org/messages/12183477 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 17:19:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 02:19:30 +0200 Subject: [SEC] [SA46591] Linux Kernel XFS "xfs_readlink()" Buffer Overflow Vulnerability Message-ID: <201110270019.p9R0JU9W019743@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Linux Kernel XFS "xfs_readlink()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA46591 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46591/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46591 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46591/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46591/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46591 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. The vulnerability is caused due to a boundary error within the "xfs_readlink()" function (fs/xfs/xfs_vnodeops.c) and can be exploited to cause a buffer overflow via a specially crafted XFS image. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Currently unknown. ORIGINAL ADVISORY: https://bugzilla.redhat.com/show_bug.cgi?id=749156 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 17:52:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 02:52:55 +0200 Subject: [SEC] [SA46597] Ubuntu update for nova Message-ID: <201110270052.p9R0qtM1010700@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for nova SECUNIA ADVISORY ID: SA46597 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46597/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46597 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46597/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46597/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46597 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for nova. This fixes a weakness, which can be exploited by malicious people to disclose sensitive information. For more information: SA46576 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1247-1: http://www.ubuntu.com/usn/usn-1247-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 18:18:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 03:18:13 +0200 Subject: [SEC] [SA46594] Google Chrome Multiple Vulnerabilities Message-ID: <201110270118.p9R1IDca001191@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Google Chrome Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46594 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46594/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46594 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46594/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46594/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46594 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Google Chrome, where some have unknown impacts and others can be exploited by malicious people to bypass certain security restrictions, conduct spoofing attacks, conduct cross-site scripting attacks, and potentially compromise a user's system. 1) An error within the history handling can be exploited to spoof the URL bar and display attacker controlled content while the browser presents the certificate of a trusted site. 2) An error can be exploited to spoof the URL bar by e.g. tricking the user into performing a drag and drop operation on specially crafted content. 3) An error is caused due to the application stripping whitespaces at the end of download filenames. 4) Certain input passed to the appcache internals page is not properly sanitised before being displayed. This can be exploited to execute arbitrary HTML and script code in context of the appcache internals page. 5) A race condition exists within the initialisation of worker processes. 6) An unspecified error can be exploited to redirect to chrome scheme URIs. 7) An unspecified error exists within the HTTP header delimiter handling. 8) Various unspecified errors can be exploited to violate the cross-origin policy. 9) A use-after-free error exists within the media buffer handling. 10) A use-after-free error exists within the counter handling. 11) Various timing issues exist within the DOM traversal. 12) Various issues related to stale styles can lead to use-after-free errors. 13) Unspecified errors within v8 can be exploited to cause out-of-bounds writes. 14) An unspecified error related to javascript URIs can be exploited to steal cookies. 15) A use-after-free error exists related to plug-ins and editing. 16) An error related to Web Audio can be exploited to cause a heap overflow. 17) A use-after-free error exists within the video source handling. 18) Internal v8 functions are exposed. SOLUTION: Upgrade to version 15.0.874.102. PROVIDED AND/OR DISCOVERED BY: 1, 2) Jordi Chancel The vendor credits: 3) Marc Novak 4) Independently discovered by Google Chrome Security Team (Tom Sepez) and Juho Nurminen 5, 10, 12, 15, 16) miaubiz 6) Masato Kinugawa 7) Vladimir Vorontsov, ONsec company 8, 14) Sergey Glazunov 9) Google Chrome Security Team (Inferno) 11) Brian Ryner, Chromium development community 13) Christian Holler 17) Ami Fischman, Chromium development community 18) Independently discovered by teven Keuchel, Chromium development community and Daniel Divricean ORIGINAL ADVISORY: Google: http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html Jordi Chancel: http://www.alternativ-testing.fr/blog/index.php?post/2011/Google-Chrome-URL-Bar-Spoofing-with-SSL-TLS-Spoofing http://www.alternativ-testing.fr/blog/index.php?post/2011/Google-Chrome-Search-Engine-Location-Bar-URL-Spoofing OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 18:51:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 03:51:53 +0200 Subject: [SEC] [SA46576] OpenStack Compute (Nova) "EC2_SECRET_KEY" Credentials Disclosure Weakness Message-ID: <201110270151.p9R1pr2w024632@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: OpenStack Compute (Nova) "EC2_SECRET_KEY" Credentials Disclosure Weakness SECUNIA ADVISORY ID: SA46576 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46576/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46576 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46576/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46576/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46576 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in OpenStack Compute (Nova), which can be exploited by malicious people to disclose sensitive information. The weakness is caused due to an error when handling error messages during an authentication request. This can be exploited to disclose the EC2_SECRET_KEY by sending invalid login requests. Successful exploitation requires knowing or guessing the EC2_ACCESS_KEY, which is considered confidential and is not normally shared. The weakness is reported in version 2011.3 (Diablo). SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Reported by Stanislaw Pitucha in a bug report. ORIGINAL ADVISORY: https://bugs.launchpad.net/nova/+bug/868360 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 19:27:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 04:27:26 +0200 Subject: [SEC] [SA46592] Ubuntu update for kde4libs Message-ID: <201110270227.p9R2RQea016157@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for kde4libs SECUNIA ADVISORY ID: SA46592 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46592/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46592 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46592/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46592/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46592 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for kde4libs. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA46157 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1248-1: http://www.ubuntu.com/usn/usn-1248-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 19:51:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 04:51:48 +0200 Subject: [SEC] [SA46581] Gentoo update for mod_authnz_external Message-ID: <201110270251.p9R2pm4f006644@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for mod_authnz_external SECUNIA ADVISORY ID: SA46581 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46581/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46581 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46581/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46581/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46581 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for mod_authnz_external. This fixes a vulnerability, which can be exploited by malicious people to conduct SQL injection attacks. For more information: SA45240 SOLUTION: Update to version "www-apache/mod_authnz_external-3.2.6" or later. ORIGINAL ADVISORY: GLSA 201110-23: http://www.gentoo.org/security/en/glsa/glsa-201110-23.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 20:16:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 05:16:24 +0200 Subject: [SEC] [SA46574] IBM WebSphere ILOG Rule Team Server Unspecified Cross-Site Scripting Vulnerability Message-ID: <201110270316.p9R3GOTR029573@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM WebSphere ILOG Rule Team Server Unspecified Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46574 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46574/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46574 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46574/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46574/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46574 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in IBM WebSphere ILOG Rule Team Server, which can be exploited by malicious people to conduct cross-site scripting attacks. Certain unspecified input is not properly sanitised in content/error.jsp before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 7.1.1. SOLUTION: Apply APAR RS00810. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg1RS00810 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 20:51:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 05:51:54 +0200 Subject: [SEC] [SA46596] Red Hat update for freetype Message-ID: <201110270351.p9R3psFM020634@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for freetype SECUNIA ADVISORY ID: SA46596 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46596/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46596 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46596/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46596/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46596 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for freetype. This fixes some vulnerabilities, which can be exploited by malicious people to compromise an application using the library. For more information: SA46575 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1402-1: http://rhn.redhat.com/errata/RHSA-2011-1402.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 21:17:24 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 06:17:24 +0200 Subject: [SEC] [SA46584] Linux Kernel ghash NULL Pointer Dereference Vulnerability Message-ID: <201110270417.p9R4HOJe011181@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Linux Kernel ghash NULL Pointer Dereference Vulnerability SECUNIA ADVISORY ID: SA46584 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46584/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46584 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46584/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46584/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46584 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in the Linux Kernel, which can be exploited by malicious, local users to cause a DoS (Denial of Service). The vulnerability is caused due to a NULL pointer dereference error within the implementation of the GHASH algorithm, which can be exploited to e.g. cause a crash via a specially crafted application. The vulnerability is confirmed in version 2.6.39.4. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Disclosed in a GIT commit. ORIGINAL ADVISORY: http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=7ed47b7d142ec99ad6880bbbec51e9f12b3af74c OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 21:51:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 06:51:07 +0200 Subject: [SEC] [SA46531] PrestaShop Presta2PhpList Module "list" SQL Injection Vulnerability Message-ID: <201110270451.p9R4p7U7002127@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: PrestaShop Presta2PhpList Module "list" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46531 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46531/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46531 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46531/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46531/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46531 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Presta2PhpList module for PrestaShop, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "list" parameter in presta2phplist.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 1.5. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Dotsafe ORIGINAL ADVISORY: http://www.dotsafe.fr/advisories/9/en/Prestashop_-_SQL_injection_in_Presta2PhpList_module OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Wed Oct 26 22:17:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 07:17:22 +0200 Subject: [SEC] [SA46347] SUSE update for cyrus-imapd Message-ID: <201110270517.p9R5HMPe025165@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for cyrus-imapd SECUNIA ADVISORY ID: SA46347 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46347/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46347 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46347/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46347/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46347 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for cyrus-imapd. This fixes two vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service). For more information: SA45938 SA46093 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1173-1: https://hermes.opensuse.org/messages/12173392 openSUSE-SU-2011:1170-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00026.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 10:36:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 19:36:54 +0200 Subject: [SEC] [SA46628] SUSE update for puppet Message-ID: <201110271736.p9RHasQ2015264@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for puppet SECUNIA ADVISORY ID: SA46628 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46628/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46628 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46628/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46628/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46628 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for puppet. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. For more information: SA46223 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1190-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00033.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 11:36:17 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 20:36:17 +0200 Subject: [SEC] [SA46603] Gentoo update for pure-ftpd Message-ID: <201110271836.p9RIaHUV007545@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for pure-ftpd SECUNIA ADVISORY ID: SA46603 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46603/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46603 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46603/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46603/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46603 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for pure-ftpd. This fixes a vulnerability, which can be exploited by malicious people to manipulate certain data. For more information: SA43988 SOLUTION: Update to version "net-ftp/pure-ftpd-1.0.32" or later. ORIGINAL ADVISORY: GLSA 201110-25: http://www.gentoo.org/security/en/glsa/glsa-201110-25.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 12:37:16 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 21:37:16 +0200 Subject: [SEC] [SA46604] Gentoo update for squid Message-ID: <201110271937.p9RJbGgR032314@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for squid SECUNIA ADVISORY ID: SA46604 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46604/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46604 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46604/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46604/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46604 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for squid. This fixes multiple vulnerabilities, which can be exploited by malicious users to cause a DoS (Denial of Service) and by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA36007 SA36378 SA38451 SA38570 SA41090 SA41298 SA45805 SOLUTION: Update to version "net-proxy/squid-3.1.15" or later. ORIGINAL ADVISORY: GLSA 201110-24: http://security.gentoo.org/glsa/glsa-201110-24.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 13:36:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 22:36:08 +0200 Subject: [SEC] [SA46629] Red Hat update for openssl Message-ID: <201110272036.p9RKa8xG024568@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for openssl SECUNIA ADVISORY ID: SA46629 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46629/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46629 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46629/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46629/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46629 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for openssl. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. For more information see vulnerability #1 in: SA45781 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1409-01: https://rhn.redhat.com/errata/RHSA-2011-1409.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 14:32:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Thu, 27 Oct 2011 23:32:05 +0200 Subject: [SEC] [SA46618] Apple QuickTime Multiple Vulnerabilities Message-ID: <201110272132.p9RLW5tU016691@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Apple QuickTime Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46618 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46618/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46618 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46618/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46618/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46618 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Apple Quicktime, which can be exploited by malicious people to compromise a user's system. For more information: SA46339 SA46417 1) An integer overflow error when handling PICT files can be exploited via a specially crafted .pict file. 2) A signedness error when handling font tables within QuickTime movie files can be exploited via a specially crafted movie file. 3) An unspecified error when handling FLC encoded movie files can be exploited to cause a buffer overflow via a specially crafted movie file. 4) An integer overflow error when handling JPEG2000 encoded movie files can be exploited via a specially crafted movie file. 5) An error when handling TKHD atoms within QuickTime movie files can be exploited to cause a memory corruption via a specially crafted movie file. Note: The vulnerabilities #1 and #5 do not affect Mac OS X versions. SOLUTION: Update to version 7.7.1. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1, 2, 4) Luigi Auriemma via ZDI. 3) Matt 'j00ru' Jurczyk via ZDI. 5) Damian Put via ZDI. ORIGINAL ADVISORY: http://support.apple.com/kb/HT5016 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 15:02:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 00:02:54 +0200 Subject: [SEC] [SA46627] HP Network Node Manager i JMX Console Security Bypass Security Issue Message-ID: <201110272202.p9RM2sOu007522@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: HP Network Node Manager i JMX Console Security Bypass Security Issue SECUNIA ADVISORY ID: SA46627 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46627/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46627 RELEASE DATE: 2011-10-27 DISCUSS ADVISORY: http://secunia.com/advisories/46627/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46627/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46627 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has acknowledged a security issue in HP Network Node Manager i, which can be exploited by malicious people to bypass certain security restrictions. For more information see vulnerability #1 in: SA39563 The security issue is reported in versions 8.x and 9.0x. SOLUTION: Apply workaround (please see vendor's advisory for details). ORIGINAL ADVISORY: HPSBMU02714 SSRT100244: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03057508 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 15:31:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 00:31:34 +0200 Subject: [SEC] [SA46577] Debian update for torque Message-ID: <201110272231.p9RMVYcF030652@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for torque SECUNIA ADVISORY ID: SA46577 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46577/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46577 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46577/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46577/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46577 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for torque. This fixes two vulnerabilities, which can be exploited by malicious, local users to gain escalated privileges. For more information: SA45039 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2329-1: http://lists.debian.org/debian-security-announce/2011/msg00205.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 15:50:22 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 00:50:22 +0200 Subject: [SEC] [SA46622] SPIP Unspecified SQL Injection Vulnerability Message-ID: <201110272250.p9RMoM72020874@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SPIP Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46622 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46622/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46622 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46622/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46622/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46622 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in SPIP, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in versions prior to 1.9.2k. SOLUTION: Update to version 1.9.2k. PROVIDED AND/OR DISCOVERED BY: The vendor credits Laurent Estieux, TEHTRI-Security. ORIGINAL ADVISORY: SPIP: http://www.spip-contrib.net/SPIP-1-9-2k-2-0-16-2-1-11-et-3-0-0-beta-disponibles OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 16:14:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 01:14:45 +0200 Subject: [SEC] [SA46632] Libxml2 Two XSLT Double Free Vulnerabilities Message-ID: <201110272314.p9RNEjiV011380@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Libxml2 Two XSLT Double Free Vulnerabilities SECUNIA ADVISORY ID: SA46632 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46632/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46632 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46632/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46632/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46632 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Libxml2, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. 1) A double free error exists in the processing of XPath queries. For more information, see vulnerability #5 in: SA45698 2) A double free error exists in the processing of XPath queries. For more information, see vulnerability #20 in: SA46049 The vulnerabilities are reported in version 2.7.8. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Yang Dingning from NCNIPC, Graduate University of Chinese Academy of Sciences. ORIGINAL ADVISORY: http://code.google.com/p/chromium/issues/detail?id=89402 http://code.google.com/p/chromium/issues/detail?id=93472 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 16:50:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 01:50:04 +0200 Subject: [SEC] [SA46617] HP-UX Containers Unspecified Privilege Escalation Vulnerability Message-ID: <201110272350.p9RNo445002414@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: HP-UX Containers Unspecified Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA46617 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46617/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46617 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46617/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46617/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46617 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in HP-UX Containers (SRP), which can be exploited by malicious, local users to gain escalated privileges. An unspecified error can be exploited to gain unauthorized access and increased privileges. No further information is currently available. Successful exploitation requires that patch PHKL_42310 is installed. The vulnerability is reported in versions A.03.00, A.03.00.002, and A.03.01. SOLUTION: Update to version A.03.01.001. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: HPSBUX02715 SSRT100623: http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03057703 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 17:17:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 02:17:48 +0200 Subject: [SEC] [SA46610] Trend Micro InterScan Web Security Suite "patchCmd" Privilege Escalation Vulnerability Message-ID: <201110280017.p9S0Hmrs025541@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Trend Micro InterScan Web Security Suite "patchCmd" Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA46610 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46610/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46610 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46610/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46610/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46610 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Buguroo Offensive Security has discovered a vulnerability in Trend Micro InterScan Web Security Suite for Linux, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error in the setuid/setgid root /opt/trend/iwss/data/patch/bin/patchCmd binary when performing certain actions. This can be exploited to gain root privileges by creating a PatchExe.sh or RollbackExe.sh script in the CWD and executing the binary. The vulnerability is confirmed in version 3.1 Build 1027 for Linux. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Jose Ramon Villa, Buguroo Offensive Security ORIGINAL ADVISORY: http://buguroo.com/adv/BSA-2011-002.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 17:49:23 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 02:49:23 +0200 Subject: [SEC] [SA45279] Winamp Multiple Vulnerabilities Message-ID: <201110280049.p9S0nNZH016421@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Winamp Multiple Vulnerabilities SECUNIA ADVISORY ID: SA45279 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/45279/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=45279 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/45279/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/45279/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=45279 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hossein Lotfi has discovered some vulnerabilities in Winamp, which can be exploited by malicious people to compromise a user's system. 1) An error in the in_midi.dll plugin when handling the "iOffsetMusic" value within the Creative Music Format (CMF) header can be exploited to cause a heap-based buffer overflow via a specially crafted MIDI file. 2) An error in the in_mod.dll plugin when handling the "channels" value within the Advanced Module Format (AMF) header can be exploited to cause a heap-based buffer overflow via a specially crafted ".amf" file. 3) An error in the in_nsv.dll plugin when handling the "toc_alloc" value within the Nullsoft Streaming Video (NSV) header can be exploited to cause a heap-based buffer overflow via a specially crafted ".nsv" file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. The vulnerabilities are confirmed in version 5.621. Prior versions may also be affected. SOLUTION: Update to version 5.622. PROVIDED AND/OR DISCOVERED BY: Hossein Lotfi via Secunia. ORIGINAL ADVISORY: Winamp: http://forums.winamp.com/showthread.php?t=332010 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 18:14:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 03:14:08 +0200 Subject: [SEC] [SA46607] Cisco WebEx Player WRF File Processing Vulnerabilities Message-ID: <201110280114.p9S1E8c5006929@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco WebEx Player WRF File Processing Vulnerabilities SECUNIA ADVISORY ID: SA46607 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46607/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46607 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46607/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46607/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46607 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cisco WebEx Player, which can be exploited by malicious people to compromise a user's system. 1) An unspecified error when processing WRF files can be exploited to cause a buffer overflow via a specially crafted ".wrf" file. 2) An integer underflow error within the ATAS32 component when parsing the linesProcessed value from WRF files can be exploited to cause a buffer overflow via a specially crafted ".wrf" file. Successful exploitation of the vulnerabilities may allow execution of arbitrary code. Please see the vendor's advisory for a list of affected versions. SOLUTION: Update to a fixed version (Please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits TippingPoint. 2) Aniway and Anonymous via ZDI. ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-webex ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-308/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 18:50:57 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 03:50:57 +0200 Subject: [SEC] [SA46619] Oracle Solaris Vino Framebuffer Update Handling Denial of Service Vulnerability Message-ID: <201110280150.p9S1ovT2030498@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Solaris Vino Framebuffer Update Handling Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46619 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46619/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46619 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46619/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46619/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46619 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Oracle has acknowledged a vulnerability in Solaris, which can be exploited by malicious users to cause a DoS (Denial of Service). For more information: SA44463 SOLUTION: Apply patch 7046466. ORIGINAL ADVISORY: http://blogs.oracle.com/sunsecurity/entry/multiple_denial_of_service_vulnerabilities OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 19:24:08 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 04:24:08 +0200 Subject: [SEC] [SA46616] Online Subtitles Workshop "comment" Script Insertion Vulnerability Message-ID: <201110280224.p9S2O8kP021926@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Online Subtitles Workshop "comment" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46616 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46616/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46616 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46616/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46616/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46616 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: M.Jock3R has discovered a vulnerability in Online Subtitles Workshop, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "comment" parameter to index.php (when "page" is set to "video_player", "video_id" is set to a valid value, and "submit_comment" is set to "yes") is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is confirmed in version 1.8. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: M.Jock3R ORIGINAL ADVISORY: http://www.the-code.tk/code.php?id=98 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 19:50:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 04:50:43 +0200 Subject: [SEC] [SA46611] Cisco Video Surveillance IP Cameras RTSP TCP Packets Processing Denial of Service Message-ID: <201110280250.p9S2oh99012558@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Video Surveillance IP Cameras RTSP TCP Packets Processing Denial of Service SECUNIA ADVISORY ID: SA46611 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46611/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46611 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46611/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46611/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46611 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple Cisco Video Surveillance IP Cameras, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when processing RTSP TCP packets and can be exploited to reload a device via specially crafted RTSP packets. The vulnerability is reported in the following products and versions: * Cisco Video Surveillance 2421 IP Camera versions prior to 2.4.0. * Cisco Video Surveillance 2500 Series IP Camera versions prior to 2.4.0. * Cisco Video Surveillance 2600 Series IP Camera versions prior to 4.2.0-13. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-camera OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 20:14:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 05:14:36 +0200 Subject: [SEC] [SA46588] Joomla! YJ Contact Us Component "view" Local File Inclusion Vulnerability Message-ID: <201110280314.p9S3Eaqp003028@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! YJ Contact Us Component "view" Local File Inclusion Vulnerability SECUNIA ADVISORY ID: SA46588 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46588/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46588 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46588/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46588/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46588 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the YJ Contact Us component for Joomla!, which can be exploited by malicious people to disclose sensitive information. Input passed via the "view" parameter to index.php (when "option" is set to "com_yjcontactus") is not properly verified before being used to include files. This can be exploited to include arbitrary files from local resources via directory traversal attacks and URL-encoded NULL bytes. The vulnerability is reported in versions prior to 1.0.1. SOLUTION: Update to version 1.0.1. PROVIDED AND/OR DISCOVERED BY: MeGo ORIGINAL ADVISORY: YJ Contact Us: http://www.youjoomla.com/yj-contact-us-1.0.1-released.html http://www.youjoomla.com/joomla_support/announcements/9234-yj-contact-us-vulnerability-discovered-immediate-update-required.html#post42181 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 20:50:15 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 05:50:15 +0200 Subject: [SEC] [SA46600] Cisco Multiple Products Directory Traversal Vulnerability Message-ID: <201110280350.p9S3oFZ4026528@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Multiple Products Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA46600 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46600/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46600 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46600/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46600/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46600 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple Cisco products, which can be exploited by malicious people to disclose sensitive information. Certain input passed via the URL is not properly verified before being used. This can be exploited to disclose the contents of arbitrary files via directory traversal sequences. The vulnerability is reported in the following products: * Cisco Unified Contact Center Express versions 6.0.x, 7.0.x, 8.0.x, and 8.5.x. * Cisco Unified IP Interactive Voice Response versions 6.0.x, 7.0.x, 8.0.x, and 8.5.x. * Cisco Unified Communications Manager versions 6.x, 7.x, and 8.0. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: r at b13$, Digital Defense. ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-uccx http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-cucm Digital Defense (DDIVRT-2011-35): http://archives.neohapsis.com/archives/fulldisclosure/2011-10/0894.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 21:15:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 06:15:09 +0200 Subject: [SEC] [SA46612] Cisco Video Surveillance IP Cameras RTSP TCP Packets Processing Denial of Service Message-ID: <201110280415.p9S4F9Fd017066@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Video Surveillance IP Cameras RTSP TCP Packets Processing Denial of Service SECUNIA ADVISORY ID: SA46612 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46612/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46612 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46612/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46612/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46612 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco Video Surveillance IP Cameras, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46611 The vulnerability is reported in Cisco Video Surveillance 2421 IP Camera and Cisco Video Surveillance 2500 Series IP Camera versions 1.1.x. SOLUTION: Upgrade to version 2.4.0. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-camera OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 21:49:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 06:49:26 +0200 Subject: [SEC] [SA46599] OpenLDAP "UTF8StringNormalize()" Off-by-One Denial of Service Vulnerability Message-ID: <201110280449.p9S4nQNU008069@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: OpenLDAP "UTF8StringNormalize()" Off-by-One Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46599 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46599/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46599 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46599/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46599/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46599 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in OpenLDAP, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to an off-by-one error in the "UTF8StringNormalize()" function when NULL terminating a string. This can be exploited to crash the daemon via e.g. an empty "postalAddressAttribute" value. The vulnerability is reported in version 2.4.x. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. PROVIDED AND/OR DISCOVERED BY: Reported by Howard Chu to the OpenLDAP mailing list. ORIGINAL ADVISORY: http://www.openldap.org/its/index.cgi/Software%20Bugs?id=7059;selectid=7059 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Thu Oct 27 22:14:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 07:14:39 +0200 Subject: [SEC] [SA46606] Novell iPrint Client "GetDriverSettings()" Buffer Overflow Vulnerability Message-ID: <201110280514.p9S5EdrR031026@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Novell iPrint Client "GetDriverSettings()" Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA46606 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46606/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46606 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46606/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46606/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46606 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell iPrint Client, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within the "GetDriverSettings()" function in nipplib.dll. This can be exploited to cause a stack-based buffer overflow via overly long "hostname" and "port" parameters. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in versions prior to 5.72. SOLUTION: Update to version 5.72. PROVIDED AND/OR DISCOVERED BY: gwslabs.com and an anonymous person via ZDI. ORIGINAL ADVISORY: Novell: http://download.novell.com/Download?buildid=bSpj4nhVEZ0~ ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-309/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 10:33:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 19:33:54 +0200 Subject: [SEC] [SA46621] Ubuntu update for backuppc Message-ID: <201110281733.p9SHXs0U025485@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for backuppc SECUNIA ADVISORY ID: SA46621 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46621/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46621 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46621/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46621/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46621 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for backuppc. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information: SA44259 SA46615 NOTE: Ubuntu 11.10 is not affected by CVE-2011-3361. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1249-1: http://www.ubuntu.com/usn/usn-1249-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 11:36:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 20:36:00 +0200 Subject: [SEC] [SA46638] Enspire eClient Unspecified SQL Injection Vulnerability Message-ID: <201110281836.p9SIa0kw017906@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Enspire eClient Unspecified SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46638 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46638/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46638 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46638/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46638/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46638 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Enspire, which can be exploited by malicious people to conduct SQL injection attacks. Certain unspecified input passed to the eClient module is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is reported in version 7.3.2.7 (eClient version 7.3.2.3). Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: US-CERT credits Alastair Gray, Graycon Group. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/402731 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 12:35:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 21:35:33 +0200 Subject: [SEC] [SA46634] Tor TLS Certificate Reuse User De-Anonymisation Security Issue Message-ID: <201110281935.p9SJZXvv010196@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Tor TLS Certificate Reuse User De-Anonymisation Security Issue SECUNIA ADVISORY ID: SA46634 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46634/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46634 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46634/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46634/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46634 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in Tor, which can be exploited by malicious people to disclose potentially sensitive information. The security issue is caused due to clients reusing the TLS certificate on certain connections. This can be exploited to e.g. fingerprint and de-anonymise a user by e.g. using the user's certificate identity key to probe various guard relays to determine whether or not the user is connected to them. Note: Additionally, enhancement have been made to protect against bridge enumeration attacks. The security issue is reported in versions prior to 0.2.2.34. SOLUTION: Update to version 0.2.2.34. PROVIDED AND/OR DISCOVERED BY: The vendor credits frosty_un. ORIGINAL ADVISORY: https://blog.torproject.org/blog/tor-02234-released-security-patches OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 13:35:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 22:35:05 +0200 Subject: [SEC] [SA46615] BackupPC "num" Cross-Site Scripting Vulnerability Message-ID: <201110282035.p9SKZ5GS002459@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: BackupPC "num" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46615 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46615/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46615 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46615/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46615/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46615 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BackupPC, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed to the "num" parameter in index.cgi (when "action" is set to "view", "type" is set to "XferLOG" or "XferErr", and "host" is set to a valid host) is not properly sanitised before being returned to the user in View.pm. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is reported in version 3.2.1. Prior versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Reported by Jamie Strandboge, Canonical to the OSS mailing list. ORIGINAL ADVISORY: http://seclists.org/oss-sec/2011/q4/171 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 14:28:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 23:28:59 +0200 Subject: [SEC] [SA46650] VMware ESXi Server "sblim-sfcb" Integer Overflow Vulnerability Message-ID: <201110282128.p9SLSxmk026934@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: VMware ESXi Server "sblim-sfcb" Integer Overflow Vulnerability SECUNIA ADVISORY ID: SA46650 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46650/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46650 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46650/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46650/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46650 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged a vulnerability in VMware ESXi Server, which can be exploited by malicious people to potentially compromise a vulnerable system. For more information: SA40018 The vulnerability is reported in version 4.1. SOLUTION: Apply patch ESXi410-201110201-SG. ORIGINAL ADVISORY: VMware (VMSA-2011-0013): http://lists.vmware.com/pipermail/security-announce/2011/000149.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 14:50:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Fri, 28 Oct 2011 23:50:14 +0200 Subject: [SEC] [SA46601] Gentoo update for libxml2 Message-ID: <201110282150.p9SLoElD017296@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for libxml2 SECUNIA ADVISORY ID: SA46601 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46601/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46601 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46601/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46601/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46601 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for libxml2. This fixes multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service) or potentially compromise an application using the library. For more information: SA42175 SA42721 SA44711 SA46632 SOLUTION: Update to version "dev-libs/libxml2-2.7.8-r3" or later. ORIGINAL ADVISORY: GLSA 201110-26: http://security.gentoo.org/glsa/glsa-201110-26.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 15:14:47 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 00:14:47 +0200 Subject: [SEC] [SA46569] Cisco NX-OS / Unified Computing System "section" and "less" Privilege Escalation Vulnerabilities Message-ID: <201110282214.p9SMElau007802@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco NX-OS / Unified Computing System "section" and "less" Privilege Escalation Vulnerabilities SECUNIA ADVISORY ID: SA46569 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46569/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46569 RELEASE DATE: 2011-10-28 DISCUSS ADVISORY: http://secunia.com/advisories/46569/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46569/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46569 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Peter Adkins has reported two vulnerabilities in Cisco NX-OS and Cisco Unified Computing System, which can be exploited by malicious, local users to perform certain actions with escalated privileges. The vulnerabilities are caused due to input validation errors in the "section" and "less" commands and can be exploited to inject and execute arbitrary shell commands with "root" privileges. Please see the vendor's advisory for the list of affected software. SOLUTION: Apply patches. Please contact the vendor for more information. PROVIDED AND/OR DISCOVERED BY: Peter Adkins ORIGINAL ADVISORY: Cisco: http://tools.cisco.com/security/center/viewAlert.x?alertId=24458 Peter Adkins: http://archives.neohapsis.com/archives/bugtraq/2011-10/0148.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 15:50:11 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 00:50:11 +0200 Subject: [SEC] [SA46649] FFFTP Insecure Executable Loading Vulnerability Message-ID: <201110282250.p9SMoBxx031302@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: FFFTP Insecure Executable Loading Vulnerability SECUNIA ADVISORY ID: SA46649 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46649/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46649 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46649/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46649/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46649 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in FFFTP, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to the application loading executables (e.g. notepad.exe) in an insecure manner. This can be exploited to run an arbitrary program by tricking a user into e.g. opening a file located on a remote WebDAV or SMB share. Successful exploitation allows execution of arbitrary code. The vulnerability is reported in version 1.98a and prior. SOLUTION: Update to version 1.98b. PROVIDED AND/OR DISCOVERED BY: JVN credits Makoto Shiotsuki. ORIGINAL ADVISORY: FFFTP: http://sourceforge.jp/projects/ffftp/wiki/Security JVN: http://jvn.jp/en/jp/JVN62336482/index.html http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000091.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 16:16:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 01:16:32 +0200 Subject: [SEC] [SA46637] D-Link Products SSH Server Buffer Overflow Vulnerability Message-ID: <201110282316.p9SNGW1J021932@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: D-Link Products SSH Server Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA46637 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46637/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46637 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46637/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46637/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46637 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in multiple D-Link products, which can be exploited by malicious people to compromise a vulnerable device. The vulnerability is caused due to an unspecified error within the Secure Shell (SSH) server and can be exploited to cause a buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is reported in the following products: * D-Link DES-3800 Series firmware prior to R4.50B052. * D-Link DWL-2100AP firmware prior to 2.50RC548. * D-Link DWL-3200AP firmware prior to 2.55RC549. SOLUTION: Update to fixed firmware (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: JVN credits Hisashi Kojima, and Masahiro Nakada, Fujitsu Laboratories Ltd. ORIGINAL ADVISORY: D-Link (DL-VU2011-001): http://www.dlink-jp.com/page/sc/F/security_info20111028.html JVN: http://jvn.jp/en/jp/JVN72640744/index.html http://jvndb.jvn.jp/ja/contents/2011/JVNDB-2011-000092.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 16:50:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 01:50:49 +0200 Subject: [SEC] [SA46529] VMware ESX Server Multiple Vulnerabilities Message-ID: <201110282350.p9SNon7M012943@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: VMware ESX Server Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46529 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46529/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46529 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46529/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46529/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46529 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged multiple vulnerabilities in VMware ESX Server, which can be exploited by malicious, local users to disclose potentially sensitive information, by malicious users to cause a DoS (Denial of Service), and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, conduct spoofing attacks, conduct DNS cache poisoning attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. 1) An error exists in the bundled version of the OpenSSL library. For more information: SA42473 2) An error exists in the bundled version of the libuser library. For more information: SA42891 3) Two errors exist in the bundled version of the NSS library. For more information see vulnerabilities #7 and #10: SA41244 4) Multiple vulnerabilities exist in the bundled version of Sun Java JRE. For more information: SA39762 SA41791 SA43262 SA44784 5) An integer overflow error exists in the bundled version of sblim-sfcb. For more information: SA40018 The vulnerabilities are reported in versions 3.5, 4.0, and 4.1. SOLUTION: Apply patches where available (please see the vendor's advisory for details). ORIGINAL ADVISORY: VMware (VMSA-2011-0013): http://lists.vmware.com/pipermail/security-announce/2011/000149.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 17:19:34 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 02:19:34 +0200 Subject: [SEC] [SA46647] IBM Lotus Sametime Configuration Servlet Authentication Security Issue Message-ID: <201110290019.p9T0JYCD003673@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM Lotus Sametime Configuration Servlet Authentication Security Issue SECUNIA ADVISORY ID: SA46647 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46647/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46647 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46647/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46647/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46647 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in IBM Lotus Sametime, which can be exploited by malicious people to disclose potentially sensitive information. The security issue is caused due to the configuration servlet not authenticating requests and can be exploited to gain read access to certain configuration data. Please see the vendor's advisory for a list of affected versions. SOLUTION: Apply a workaround (a fix is scheduled for version 8.5.2 IFR 1). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor ORIGINAL ADVISORY: http://www.ibm.com/support/docview.wss?uid=swg21569452 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 17:49:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 02:49:36 +0200 Subject: [SEC] [SA46608] SUSE update for kernel Message-ID: <201110290049.p9T0naiG026898@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for kernel SECUNIA ADVISORY ID: SA46608 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46608/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46608 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46608/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46608/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46608 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for the kernel. This fixes some vulnerabilities, which can be exploited by malicious people with physical access to potentially compromise a vulnerable system and by malicious people to cause a DoS (Denial of Service). For more information: SA45695 SA45936 1) A boundary error when handling string descriptors during new device probes in the "auerswald_probe()" function (drivers/usb/misc/auerswald.c) can be exploited to cause a buffer overflow by inserting a malicious USB device. Successful exploitation of this vulnerability may allow the execution of arbitrary code. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1195-1: http://lists.opensuse.org/opensuse-security-announce/2011-10/msg00013.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 18:14:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 03:14:59 +0200 Subject: [SEC] [SA46633] HP-UX update for BIND Message-ID: <201110290114.p9T1ExXb017464@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: HP-UX update for BIND SECUNIA ADVISORY ID: SA46633 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46633/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46633 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46633/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46633/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46633 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: HP has issued an update for BIND in HP-UX. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45082 The vulnerability is reported in the following versions: * HP-UX B.11.31 running BIND 9.3 prior to C.9.3.2.10.0. * HP-UX B.11.11 and B.11.23 running BIND 9.3 prior to C.9.3.2.9.0. SOLUTION: Apply patches. ORIGINAL ADVISORY: HPSBUX02719 SSRT100658: http://h20565.www2.hp.com/portal/site/hpsc/public/kb/docDisplay/?docId=emr_na-c03070783 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 18:49:42 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 03:49:42 +0200 Subject: [SEC] [SA46651] VMware vCenter Products JRE Multiple Vulnerabilities Message-ID: <201110290149.p9T1ngHx008506@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: VMware vCenter Products JRE Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46651 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46651/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46651 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46651/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46651/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46651 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: VMware has acknowledged multiple vulnerabilities in multiple VMware vCenter products, which can be exploited by malicious, local users to disclose potentially sensitive information, by malicious users to cause a DoS (Denial of Service), and by malicious people to disclose potentially sensitive information, manipulate certain data, bypass certain security restrictions, conduct spoofing attacks, conduct DNS cache poisoning attacks, cause a DoS (Denial of Service), and compromise a vulnerable system. The application bundles a vulnerable version of Sun Java JRE. For more information: SA39762 SA41791 SA43262 SA44784 The vulnerabilities are reported in the following products: * VMware vCenter versions 4.0 and 4.1. * VMware VirutalCenter version 2.5. * VMware vCenter Update Manager versions 4.0 and 4.1. SOLUTION: Apply patches where available (please see the vendor's advisory for details). ORIGINAL ADVISORY: VMware (VMSA-2011-0013): http://lists.vmware.com/pipermail/security-announce/2011/000149.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 19:23:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 04:23:00 +0200 Subject: [SEC] [SA46626] Fedora update for radvd Message-ID: <201110290223.p9T2N0dp032338@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for radvd SECUNIA ADVISORY ID: SA46626 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46626/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46626 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46626/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46626/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46626 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for radvd. This fixes some security issues, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to cause a DoS (Denial of Service). For more information: SA46200 SOLUTION: Apply updated packages via the yum utility ("yum update radvd"). ORIGINAL ADVISORY: FEDORA-2011-14000: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068481.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 19:52:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 04:52:09 +0200 Subject: [SEC] [SA46623] Drupal Organic groups Module Security Bypass Vulnerability Message-ID: <201110290252.p9T2q9Qn023091@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Drupal Organic groups Module Security Bypass Vulnerability SECUNIA ADVISORY ID: SA46623 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46623/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46623 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46623/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46623/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46623 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Organic groups module for Drupal, which can be exploited by malicious people to bypass certain security restrictions. The vulnerability is caused due to the module not properly restricting access to certain entities in group contexts and can be exploited to manipulate the entities. The vulnerability is reported in versions prior to 7.x-1.2. SOLUTION: Update to version 7.x-1.2. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Matthias Hutterer. ORIGINAL ADVISORY: SA-CONTRIB-2011-050: http://drupal.org/node/1322380 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 20:14:55 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 05:14:55 +0200 Subject: [SEC] [SA46631] Cisco Security Agent Outside In Technology File Processing Vulnerabilities Message-ID: <201110290314.p9T3EtI4013536@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Security Agent Outside In Technology File Processing Vulnerabilities SECUNIA ADVISORY ID: SA46631 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46631/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46631 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46631/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46631/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46631 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Cisco has acknowledged two vulnerabilities in Cisco Security Agent, which can be exploited by malicious people to compromise a vulnerable system. For more information: SA44295 The vulnerabilities are reported in versions prior to 6.0.2.151 running on Windows. SOLUTION: Update to version 6.0.2.151. ORIGINAL ADVISORY: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20111026-csa OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 20:50:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 05:50:13 +0200 Subject: [SEC] [SA46554] Red Hat update for xen Message-ID: <201110290350.p9T3oDGB004596@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for xen SECUNIA ADVISORY ID: SA46554 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46554/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46554 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46554/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46554/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46554 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for xen. This fixes a weakness, which can be exploited by malicious, local users in a guest virtual machine to cause a DoS (Denial of Service). For more information: SA45886 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1401-01: https://rhn.redhat.com/errata/RHSA-2011-1401.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 21:15:20 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 06:15:20 +0200 Subject: [SEC] [SA46583] Linux-PAM "pam_env" Module Two Vulnerabilities Message-ID: <201110290415.p9T4FKmc027569@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Linux-PAM "pam_env" Module Two Vulnerabilities SECUNIA ADVISORY ID: SA46583 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46583/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46583 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46583/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46583/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46583 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Linux-PAM, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges. 1) A boundary error within the "_assemble_line()" function (modules/pam_env/pam_env.c) of the "pam_env" module can be exploited to cause a stack-based buffer overflow via e.g. a specially crafted "~/.pam_environment" file. 2) The "_expand_arg()" function (modules/pam_env/pam_env.c) of the "pam_env" module does not properly abort when encountering certain conditions during the expansion of environment variables, which can be exploited to e.g. cause a high CPU consumption via specially crafted environment variables. The vulnerabilities are reported in version 1.1.4. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Kees Cook ORIGINAL ADVISORY: http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=caf5e7f61c8d9288daa49b4f61962e6b1239121d http://git.fedorahosted.org/git/?p=linux-pam.git;a=commitdiff;h=109823cb621c900c07c4b6cdc99070d354d19444 https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874469 https://bugs.launchpad.net/ubuntu/+source/pam/+bug/874565 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 21:49:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 06:49:41 +0200 Subject: [SEC] [SA46550] Puppet "certdnsnames" Puppet Master Impersonation Vulnerability Message-ID: <201110290449.p9T4nfJs018597@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Puppet "certdnsnames" Puppet Master Impersonation Vulnerability SECUNIA ADVISORY ID: SA46550 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46550/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46550 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46550/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46550/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46550 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Puppet, which can be exploited by malicious users to conduct spoofing attacks. The vulnerability is caused due to the application inserting the puppet master's DNS alt names ("certdnsnames") into the X.509 Subject Alternative Name field of the certificate issued to the puppet agent. This can be exploited to impersonate the puppet master via Man-in-the-Middle (MitM) attacks. The vulnerability is reported in versions 0.24.0 through 2.7.5. SOLUTION: Update to a fixed version. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://puppetlabs.com/security/cve/cve-2011-3872/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Fri Oct 28 22:15:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 07:15:10 +0200 Subject: [SEC] [SA46496] Gentoo update for xorg-server Message-ID: <201110290515.p9T5FAV6009150@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gentoo update for xorg-server SECUNIA ADVISORY ID: SA46496 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46496/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46496 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46496/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46496/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46496 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Gentoo has issued an update for xorg-server. This fixes a weakness and a security issue, which can be exploited by malicious, local users to disclose system and sensitive information and cause a DoS (Denial of Service). For more information: SA46460 SOLUTION: Update to version "x11-base/xorg-server-1.9.5-r1" or later or "x11-base/xorg-server-1.10.4-r1" or later. ORIGINAL ADVISORY: GLSA 201110-19: http://www.gentoo.org/security/en/glsa/glsa-201110-19.xml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 10:34:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 19:34:44 +0200 Subject: [SEC] [SA46228] IBM Tivoli Monitoring Eclipse Help Server Two Vulnerabilities Message-ID: <201110291734.p9THYiiu003614@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: IBM Tivoli Monitoring Eclipse Help Server Two Vulnerabilities SECUNIA ADVISORY ID: SA46228 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46228/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46228 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46228/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46228/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46228 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in IBM Tivoli Monitoring, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks. 1) Certain unspecified input passed to the Eclipse Help Server is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) An unspecified error within the Eclipse Help Server can be exploited to conduct conduct spoofing or phishing attacks. The vulnerabilities are reported in versions 6.2, 6.2.1, and 6.2.2. SOLUTION: Apply APAR IV02305 or update to version 6.2.2 Fix Pack 6 (6.2.2-TIV-ITM-FP0006). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: IBM (IV02305): https://www-304.ibm.com/support/docview.wss?uid=swg1IV02305 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 11:35:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 20:35:06 +0200 Subject: [SEC] [SA46246] BaserCMS Unspecified Security Bypass Vulnerability Message-ID: <201110291835.p9TIZ6Fh028373@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: BaserCMS Unspecified Security Bypass Vulnerability SECUNIA ADVISORY ID: SA46246 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46246/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46246 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46246/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46246/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46246 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in BaserCMS, which can be exploited by malicious users to bypass certain security restrictions. The vulnerability is caused due to an unspecified error and can be exploited to gain administrative privileges and modify the administrator's information. The vulnerability is reported in versions 1.6.11.4 and prior. SOLUTION: Install patch or update to version 1.6.12 or later. PROVIDED AND/OR DISCOVERED BY: JVN credits Masako Ohno. ORIGINAL ADVISORY: JVN#16617002, Japanese: http://jvn.jp/jp/JVN16617002/index.html JVN#16617002, English: http://jvn.jp/en/jp/JVN16617002/index.html JVNDB-2011-000066: http://jvndb.jvn.jp/jvndb/JVNDB-2011-000066 BaserCMS: http://basercms.net/patch/JVN09789751 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 12:34:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 21:34:30 +0200 Subject: [SEC] [SA46236] WordPress WP Bannerize Plugin "item[]" SQL Injection Vulnerability Message-ID: <201110291934.p9TJYUS4020680@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress WP Bannerize Plugin "item[]" SQL Injection Vulnerability SECUNIA ADVISORY ID: SA46236 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46236/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46236 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46236/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46236/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46236 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Miroslav Stampar has discovered a vulnerability in the WP Bannerize plugin for WordPress, which can be exploited by malicious people to conduct SQL injection attacks. Input passed via the "item[]" parameter to wp-content/plugins/wp-bannerize/ajax_sorter.php (when the "X_REQUESTED_WITH" HTTP header is set) is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerability is confirmed in version 2.8.7. Prior versions may also be affected. SOLUTION: Update to version 2.8.8. PROVIDED AND/OR DISCOVERED BY: Miroslav Stampar ORIGINAL ADVISORY: WP Bannerize: http://wordpress.org/extend/plugins/wp-bannerize/changelog/ http://plugins.trac.wordpress.org/changeset/443872/wp-bannerize/trunk/ajax_sorter.php?old=309456&old_path=wp-bannerize%2Ftrunk%2Fajax_sorter.php Miroslav Stampar: http://unconciousmind.blogspot.com/2011/09/wordpress-wp-bannerize-plugin-287-sql.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 13:35:01 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 22:35:01 +0200 Subject: [SEC] [SA46266] WordPress Cover WP Theme "s" Cross-Site Scripting Vulnerability Message-ID: <201110292035.p9TKZ11g013029@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Cover WP Theme "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46266 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46266/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46266 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46266/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46266/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46266 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sitewatch has discovered a vulnerability in the Cover WP theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "s" parameter to index.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 1.6.5. Prior versions may also be affected. SOLUTION: Update to version 1.6.6. PROVIDED AND/OR DISCOVERED BY: Sitewatch ORIGINAL ADVISORY: https://sitewat.ch/en/Advisories/18 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 14:29:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 23:29:30 +0200 Subject: [SEC] [SA46256] SUSE update for seamonkey Message-ID: <201110292129.p9TLTUhV005060@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for seamonkey SECUNIA ADVISORY ID: SA46256 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46256/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46256 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46256/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46256/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46256 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for seamonkey. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46204 SOLUTION: Apply updated packages via the zypper package manager (also apply updated packages that fix some regressions). ORIGINAL ADVISORY: openSUSE-SU-2011:1077-1: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00029.html openSUSE-SU-2011:1076-3: http://lists.opensuse.org/opensuse-updates/2011-10/msg00010.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 14:50:10 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sat, 29 Oct 2011 23:50:10 +0200 Subject: [SEC] [SA46263] Perl FCGI Module CGI::Fast API Environment Variables Security Bypass Message-ID: <201110292150.p9TLoAQF027817@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Perl FCGI Module CGI::Fast API Environment Variables Security Bypass SECUNIA ADVISORY ID: SA46263 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46263/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46263 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46263/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46263/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46263 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A security issue has been reported in the FCGI module for Perl, which can be exploited by malicious people to bypass certain security restrictions. The security issue is caused due to the CGI::Fast API not properly resetting environment variables, which can be exploited to leak information (e.g. authentication credentials) from the second request into subsequent requests, if the first request had an empty environment. Note: Successful exploitation requires that the deprecated CGI::Fast API is used. The security issue is reported in versions 0.7x prior to 0.74. SOLUTION: Update to version 0.74. PROVIDED AND/OR DISCOVERED BY: Reported in a bug by ssinyagin. ORIGINAL ADVISORY: http://cpansearch.perl.org/src/FLORA/FCGI-0.74/ChangeLog https://rt.cpan.org/Public/Bug/Display.html?id=68380 http://git.shadowcat.co.uk/gitweb/gitweb.cgi?p=catagits/fcgi2.git;a=commitdiff;h=297693dc8362d25bb25e473899c72508a0f71d2e OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 15:15:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 00:15:40 +0200 Subject: [SEC] [SA46222] ProjectForum "newname" Script Insertion Vulnerability Message-ID: <201110292215.p9TMFeb6018386@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: ProjectForum "newname" Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46222 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46222/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46222 RELEASE DATE: 2011-10-29 DISCUSS ADVISORY: http://secunia.com/advisories/46222/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46222/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46222 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in ProjectForum, which can be exploited by malicious people to conduct script insertion attacks. Input passed via the "newname" parameter when renaming a page is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerability is confirmed in version 7.0.1.3038. Other version may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: US-CERT credits Paul Davis. ORIGINAL ADVISORY: http://www.kb.cert.org/vuls/id/901251 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 15:49:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 00:49:39 +0200 Subject: [SEC] [SA46248] phpPgAdmin Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201110292249.p9TMndLt009377@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: phpPgAdmin Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA46248 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46248/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46248 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46248/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46248/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46248 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in phpPgAdmin, which can be exploited by malicious people to conduct cross-site scripting attacks. 1) Certain unspecified input related to the page title is not properly sanitised in classes/Misc.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed to the "return_url" and "return_desc" parameters in display.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerabilities are reported in versions prior to 5.0.3. SOLUTION: Update to version 5.0.3 PROVIDED AND/OR DISCOVERED BY: The vendor credits Mateusz Goik. ORIGINAL ADVISORY: http://freshmeat.net/projects/phppgadmin/releases/336969 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 16:15:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 01:15:46 +0200 Subject: [SEC] [SA46258] Ubuntu update for linux-lts-backport-maverick Message-ID: <201110292315.p9TNFkTo032398@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-lts-backport-maverick SECUNIA ADVISORY ID: SA46258 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46258/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46258 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46258/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46258/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46258 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-lts-backport-maverick. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA44754 SA45420 SA45533 SA45695 SA46251 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1219-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001431.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 16:49:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 01:49:26 +0200 Subject: [SEC] [SA46279] Perl Digest Module "Digest->new()" Code Injection Vulnerability Message-ID: <201110292349.p9TNnQCZ023399@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Perl Digest Module "Digest->new()" Code Injection Vulnerability SECUNIA ADVISORY ID: SA46279 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46279/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46279 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46279/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46279/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46279 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Digest module for Perl, which can be exploited by malicious people to compromise an application using the vulnerable module. The vulnerability is caused due to the "Digest->new()" function not properly sanitising input before using it in an "eval()" call, which can be exploited to inject and execute arbitrary Perl code. The vulnerability is reported in versions prior to 1.17. SOLUTION: Update to version 1.17. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://cpansearch.perl.org/src/GAAS/Digest-1.17/Changes OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 17:18:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 02:18:38 +0200 Subject: [SEC] [SA46116] Debian update for iceweasel and xulrunner Message-ID: <201110300018.p9U0Icl0014156@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for iceweasel and xulrunner SECUNIA ADVISORY ID: SA46116 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46116/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46116 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46116/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46116/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46116 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for iceweasel and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46203 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2313-1: http://www.debian.org/security/2011/dsa-2313 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 17:50:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 02:50:07 +0200 Subject: [SEC] [SA46298] Pidgin "silc_private_message()" Denial of Service Weakness Message-ID: <201110300050.p9U0o7JI005017@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Pidgin "silc_private_message()" Denial of Service Weakness SECUNIA ADVISORY ID: SA46298 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46298/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46298 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46298/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46298/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46298 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A weakness has been reported in Pidgin, which can be exploited by malicious people to cause a DoS (Denial of Service). The weakness is caused due to an input sanitation error within the "silc_private_message()" function (libpurple/protocols/silc/ops.c), which can be exploited to cause an out of bounds read by sending a specially crafted SILC message. The weakness is reported in version 2.10.0. Other versions may also be affected. SOLUTION: Fixed in the MTN repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Diego Bauche Madero, IOActive ORIGINAL ADVISORY: http://developer.pidgin.im/ticket/14636 http://developer.pidgin.im/viewmtn/revision/info/7eb1f6d56cc58bbb5b56b7df53955d36b9b419b8 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 18:15:46 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 02:15:46 +0100 Subject: [SEC] [SA46262] SUSE update for yast2-core Message-ID: <201110300115.p9U1Fk74028021@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for yast2-core SECUNIA ADVISORY ID: SA46262 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46262/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46262 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46262/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46262/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46262 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for yast2-core. This fixes a security issue, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused due to the YaST Communication Protocol (YCP) logging client arguments in /var/log/YaST2/ and can be exploited to e.g. disclose AutoYaST passwords. SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: SUSE-SU-2011:1081-1: https://hermes.opensuse.org/messages/11942500 SUSE-SU-2011:1081-2: https://hermes.opensuse.org/messages/11955287 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 19:28:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 03:28:56 +0100 Subject: [SEC] [SA46129] OmniDocs Two Security Bypass Vulnerabilities Message-ID: <201110300228.p9U2Suib021005@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: OmniDocs Two Security Bypass Vulnerabilities SECUNIA ADVISORY ID: SA46129 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46129/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46129 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46129/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46129/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46129 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Sohil Garg has reported two vulnerabilities in OmniDocs, which can be exploited by malicious users to bypass certain security restrictions. 1) Input passed via the "FolderRights" parameter to the omnidocs/doccab/doclist.jsp script (when "DocListFolderId", "FolderType", "FolderName", "FolderOwner", "FolderLocation", "FolderAccessType", "ParentFolderIndex", "FolderPathFlag", and "VolIndex" parameters are set to valid values) is not properly verified for appropriate access permissions and can be exploited to gain full access to certain document folders. 2) Input passed via the "UserIndex" parameter to the omnidocs/doccab/userprofile/editprofile.jsp script is not properly verified for appropriate access permissions and can be exploited to change other user's personal settings. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Sohil Garg ORIGINAL ADVISORY: http://seclists.org/fulldisclosure/2011/Sep/283 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 19:50:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 03:50:41 +0100 Subject: [SEC] [SA43157] Symantec IM Manager Multiple Vulnerabilities Message-ID: <201110300250.p9U2ofx9011375@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Symantec IM Manager Multiple Vulnerabilities SECUNIA ADVISORY ID: SA43157 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/43157/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=43157 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/43157/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/43157/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=43157 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in Symantec IM Manager, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. 1) Input passed to the "refreshRateSetting" parameter in IMManager/Admin/IMAdminSystemDashboard.asp, "nav" and "menuitem" parameters in IMManager/Admin/IMAdminTOC_simple.asp, and "action" parameter in IMManager/Admin/IMAdminEdituser.asp is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "rdProcess" parameter is not properly sanitised in IMManager/IMLogWeb/rdprocess.aspx before being used in "rdServer.ActionProcessor.ProcessAction()" calls. This can be exploited to inject and execute arbitrary shell commands. Successful exploitation of this vulnerability may allow execution of arbitrary code. The vulnerabilities are reported in version 8.4.17 and prior. SOLUTION: Update to version 8.4.18. PROVIDED AND/OR DISCOVERED BY: 1) Sow Ching Shiong via Secunia. 2) Andrea Micalizzi (rgod) via ZDI. ORIGINAL ADVISORY: Symantec: http://www.symantec.com/business/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2011&suid=20110929_00 ZDI: http://www.zerodayinitiative.com/advisories/ZDI-11-294/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 20:29:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 04:29:26 +0100 Subject: [SEC] [SA46229] Hitachi Products ByteRange Filter Denial of Service Vulnerability Message-ID: <201110300329.p9U3TQ8I001252@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Hitachi Products ByteRange Filter Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46229 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46229/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46229 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46229/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46229/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46229 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Hitachi has acknowledged a vulnerability in multiple Hitachi products, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA45606 Please see the vendor's advisories for a list of affected versions. SOLUTION: Apply fixes (please see the vendor's advisory for details). ORIGINAL ADVISORY: Hitachi (Japanese): http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-020/index.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-021/index.html http://www.hitachi.co.jp/Prod/comp/soft1/security/info/./vuls/HS11-022/index.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 20:50:12 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 04:50:12 +0100 Subject: [SEC] [SA46252] SUSE update for mozilla-xulrunner192 Message-ID: <201110300350.p9U3oCeS024042@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for mozilla-xulrunner192 SECUNIA ADVISORY ID: SA46252 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46252/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46252 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46252/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46252/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46252 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for mozilla-xulrunner192. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46203 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1076-1: http://lists.opensuse.org/opensuse-security-announce/2011-09/msg00028.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 21:16:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 05:16:31 +0100 Subject: [SEC] [SA46251] Ubuntu update for linux-ti-omap4 Message-ID: <201110300416.p9U4GVfb014670@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for linux-ti-omap4 SECUNIA ADVISORY ID: SA46251 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46251/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46251 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46251/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46251/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46251 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for linux-ti-omap4. This fixes a weakness and multiple vulnerabilities, which can be exploited by malicious, local users to cause a DoS (Denial of Service) and potentially gain escalated privileges and by malicious people to cause a DoS and potentially compromise a vulnerable system. For more information: SA44754 SA45420 SA45695 1) A vulnerability related to VLAN GRO_DROP and the "napi_reuse_skb()" function can be exploited to cause a DoS by sending specially crafted packets. SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: 1) The vendor credits Ryan Sweat. ORIGINAL ADVISORY: USN-1220-1: https://lists.ubuntu.com/archives/ubuntu-security-announce/2011-September/001432.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 21:50:56 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 05:50:56 +0100 Subject: [SEC] [SA46195] GMER 7201C008h IOCTL Handling Privilege Escalation Vulnerability Message-ID: <201110300450.p9U4ouEe005683@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: GMER 7201C008h IOCTL Handling Privilege Escalation Vulnerability SECUNIA ADVISORY ID: SA46195 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46195/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46195 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46195/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46195/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46195 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in GMER, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error when processing the 0x7201C008 IOCTL and can be exploited to corrupt certain system data (e.g. filesystem table). Successful exploitation may allow execution of arbitrary code with SYSTEM privileges, but requires guessing the device filename, which is based on certain system information. The vulnerability is confirmed in version 1.0.15.15641. Other versions may also be affected. SOLUTION: Restrict access to trusted users only. PROVIDED AND/OR DISCOVERED BY: Heurs OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 22:18:49 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 06:18:49 +0100 Subject: [SEC] [SA46247] Ubuntu update for mutt Message-ID: <201110300518.p9U5InrE028792@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for mutt SECUNIA ADVISORY ID: SA46247 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46247/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46247 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46247/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46247/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46247 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for mutt. This fixes a security issue, which can be exploited by malicious people to conduct spoofing attacks. For more information: SA44937 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1221-1: http://www.ubuntu.com/usn/usn-1221-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 22:52:43 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 06:52:43 +0100 Subject: [SEC] [SA46211] Plesk and Parallels Plesk Panel Multiple Cross-Site Scripting Vulnerabilities Message-ID: <201110300552.p9U5qh42019776@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Plesk and Parallels Plesk Panel Multiple Cross-Site Scripting Vulnerabilities SECUNIA ADVISORY ID: SA46211 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46211/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46211 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46211/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46211/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46211 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: David Hoyt has reported multiple vulnerabilities in Plesk and Parallels Plesk Panel, which can be exploited by malicious people to conduct cross-site scripting attacks. For more information see vulnerability #1 in: SA46158 The vulnerabilities are reported in versions 8.6, 9.3, and 9.5. SOLUTION: Upgrade to version 10.3 or apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: David Hoyt ORIGINAL ADVISORY: David Hoyt: http://xss.cx/examples/plesk-reports/xss-reflected-cross-site-scripting-cwe79-capec86-plesk-parallels-control-panel-version-20110407.20.html http://xss.cx/examples/plesk-reports/plesk-redhat-el6-psa-10.2.0-build-1011110331.18-xss-sqli-cwe79-cwe89-javascript-injection-exception-example-poc-report-paros-burp-suite-pro-1.4.1.html Parallels: http://kb.parallels.com/112303 http://kb.parallels.com/112405 http://kb.parallels.com/112407 http://kb.parallels.com/112408 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sat Oct 29 23:18:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 07:18:14 +0100 Subject: [SEC] [SA46158] Parallels Plesk Panel Cross-Site Scripting and SQL Injection Vulnerabilities Message-ID: <201110300618.p9U6IE8w010349@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Parallels Plesk Panel Cross-Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46158 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46158/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46158 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46158/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46158/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46158 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: David Hoyt has reported multiple vulnerabilities in Parallels Plesk Panel, which can be exploited by malicious people to conduct cross-site scripting and SQL injection attacks. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified input is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in versions 10.0 through 10.2. SOLUTION: Update to version 10.3 or apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: David Hoyt ORIGINAL ADVISORY: David Hoyt: http://xss.cx/examples/plesk-reports/xss-reflected-cross-site-scripting-cwe79-capec86-plesk-parallels-control-panel-version-20110407.20.html http://xss.cx/examples/plesk-reports/plesk-redhat-el6-psa-10.2.0-build-1011110331.18-xss-sqli-cwe79-cwe89-javascript-injection-exception-example-poc-report-paros-burp-suite-pro-1.4.1.html Parallels: http://kb.parallels.com/112403 http://kb.parallels.com/112402 http://kb.parallels.com/112401 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 11:38:04 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 19:38:04 +0100 Subject: [SEC] [SA46176] Traq Multiple Cross Site Scripting and SQL Injection Vulnerabilities Message-ID: <201110301838.p9UIc4Vp004806@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Traq Multiple Cross Site Scripting and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46176 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46176/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46176 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46176/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46176/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46176 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: High-Tech Bridge SA has discovered multiple vulnerabilities in Traq, which can be exploited by malicious people to conduct cross site scripting and SQL injection attacks. 1) Input passed via the "edit" parameter to admincp/components.php, admincp/ticket_templates.php, admincp/custom_fields.php, and admincp/groups.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Input passed via the "errors[]" parameter to admincp/components.php, admincp/groups.php, admincp/projects.php, admincp/repositories.php, and admincp/users.php (when "edit" and "error" are set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Input passed via the "errors[]" parameter to admincp/plugins.php (when "create" and "error" are set) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation of vulnerabilities #2 and #3 requires that "register_globals" is enabled. 4) Input passed via the "goto" parameter to user/login is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 5) Input passed via the "sort" and "order" parameters to project tickets is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 6) Input passed via the "component", "priority", "severity", "status", "type", and "version" parameters to project tickets (when "columns" is set to "ticket") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are confirmed in version 2.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: High-Tech Bridge SA ORIGINAL ADVISORY: HTB23046: https://www.htbridge.ch/advisory/multiple_vulnerabilities_in_traq.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 12:35:48 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 20:35:48 +0100 Subject: [SEC] [SA46219] Magtrb MyNews "basepath" File Inclusion Vulnerabilities Message-ID: <201110301935.p9UJZk5E029428@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Magtrb MyNews "basepath" File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA46219 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46219/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46219 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46219/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46219/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46219 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: kurdish hackers team has discovered multiple vulnerabilities in Magtrb MyNews, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "basename" parameter to includes/tiny_mce/plugins/filemanager/classes/FileManager/FileSystems/ZipFileImpl.php, includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php, includes/tiny_mce/plugins/filemanager/classes/FileSystems/RootFileImpl.php, includes/tiny_mce/plugins/imagemanager/classes/ImageManager/ImageManagerPlugin.php, and includes/tiny_mce/plugins/filemanager/classes/CorePlugin.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. Successful exploitation requires that "register_globals" is enabled. The vulnerabilities are confirmed in version 1.2. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: kurdish hackers team ORIGINAL ADVISORY: http://www.kurdteam.org/cc/viewtopic.php?p=234 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 13:36:06 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 21:36:06 +0100 Subject: [SEC] [SA46121] Debian update for iceape Message-ID: <201110302036.p9UKa6am021765@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for iceape SECUNIA ADVISORY ID: SA46121 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46121/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46121 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46121/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46121/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46121 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for iceape. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46203 SA46204 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2312-1: http://www.debian.org/security/2011/dsa-2312 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 14:38:44 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 22:38:44 +0100 Subject: [SEC] [SA46199] Cisco IOS IPv6 Packet Processing Denial of Service Vulnerability Message-ID: <201110302138.p9ULcivN014227@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco IOS IPv6 Packet Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46199 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46199/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46199 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46199/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46199/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46199 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an unspecified error when processing IPv6 packets and can be exploited to trigger a reload by sending specially crafted IPv6 packets to the physical or logical interfaces. Successful exploitation requires that IPv6 is enabled (disabled by default). Please see the vendor's advisory for a list of affected versions. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipv6.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 15:31:14 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 23:31:14 +0100 Subject: [SEC] [SA46206] Cisco IOS IP Service Level Agreement Denial of Service Vulnerability Message-ID: <201110302231.p9UMVEMH006140@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco IOS IP Service Level Agreement Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46206 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46206/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46206 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46206/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46206/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46206 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to an error within the IP Service Level Agreement (IP SLA) feature when processing certain UDP packets and can be exploited to trigger a reload by sending a specially crafted IP SLA packet. Please see the vendor's advisory for a list of affected versions. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipsla.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 15:51:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Sun, 30 Oct 2011 23:51:27 +0100 Subject: [SEC] [SA46226] Cisco Unified Communications Manager SIP Message Processing Denial of Service Vulnerability Message-ID: <201110302251.p9UMpRVZ028863@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco Unified Communications Manager SIP Message Processing Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46226 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46226/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46226 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46226/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46226/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46226 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco Unified Communications Manager, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak of Session Control Buffers (SCB) when processing SIP messages. This can be exploited to cause a critical process to fail and disrupt voice services via specially crafted messages sent to TCP and UDP ports 5060 and 5061. SOLUTION: Update to version 8.6(1), 8.5(1)su2, or 7.1(5b)su4. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110928-cucm.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 16:16:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 00:16:13 +0100 Subject: [SEC] [SA46156] BuddyPress Blogs MU Theme Profile CSS Script Insertion Vulnerability Message-ID: <201110302316.p9UNGDNH019402@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: BuddyPress Blogs MU Theme Profile CSS Script Insertion Vulnerability SECUNIA ADVISORY ID: SA46156 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46156/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46156 RELEASE DATE: 2011-10-30 DISCUSS ADVISORY: http://secunia.com/advisories/46156/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46156/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46156 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: knull has reported a vulnerability in the Blogs MU theme for BuddyPress, which can be exploited by malicious users to conduct script insertion attacks. Input passed in the customised profile CSS is not properly sanitised before being displayed to the user. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious profile is being viewed. The vulnerability is reported in versions prior to 1.2.9. SOLUTION: Update to version 1.2.9. PROVIDED AND/OR DISCOVERED BY: knull ORIGINAL ADVISORY: http://leethack.info/wp-xss OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 16:53:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 00:53:32 +0100 Subject: [SEC] [SA46189] Cisco IOS Data-Link Switching Denial of Service Vulnerability Message-ID: <201110302353.p9UNrWK1010546@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco IOS Data-Link Switching Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46189 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46189/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46189 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46189/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46189/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46189 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). The vulnerability is caused due to a memory leak in the Data-Link Switching (DLSw) feature and can be exploited to exhaust memory via specially crafted IP Protocol 91 packets. Please see the vendor's advisory for a list of affected versions. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110928-dlsw.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 17:18:38 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 01:18:38 +0100 Subject: [SEC] [SA46207] Cisco IOS XE MPLS IPv6 and ICMPv6 Packet Processing Two Denial of Service Vulnerabilities Message-ID: <201110310018.p9V0IcWW001068@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco IOS XE MPLS IPv6 and ICMPv6 Packet Processing Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46207 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46207/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46207 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46207/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46207/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46207 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cisco IOS XE, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46145 The vulnerabilities are reported in versions 2.1.x through 2.6.x and 3.2.xS. SOLUTION: Upgrade to version 3.3.2S or later. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipv6mpls.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 17:50:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 01:50:36 +0100 Subject: [SEC] [SA46223] Puppet Certificate Signing Requests Directory Traversal Vulnerability Message-ID: <201110310050.p9V0oaBt024421@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Puppet Certificate Signing Requests Directory Traversal Vulnerability SECUNIA ADVISORY ID: SA46223 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46223/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46223 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46223/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46223/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46223 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Puppet, which can be exploited by malicious users to compromise a vulnerable system. The vulnerability is caused due to an input sanitation error when handling X.509 certificate signing requests, which can be exploited to write arbitrary data to arbitrary files with the privileges of the Puppet Master application via directory traversal attacks. SOLUTION: Apply hotfixes for Puppet Enterprise versions 1.0, 1.1, and 1.2.x or update to Puppet versions 2.6.10 or 2.7.4. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Kristian Erik Hermansen. ORIGINAL ADVISORY: http://groups.google.com/group/puppet-users/browse_thread/thread/e57ce2740feb9406 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 18:19:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 02:19:35 +0100 Subject: [SEC] [SA46188] Ubuntu update for Puppet Message-ID: <201110310119.p9V1JZ8G015175@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for Puppet SECUNIA ADVISORY ID: SA46188 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46188/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46188 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46188/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46188/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46188 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for Puppet. This fixes a vulnerability, which can be exploited by malicious users to compromise a vulnerable system. For more information: SA46223 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1217-1: http://www.ubuntu.com/usn/usn-1217-1 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 18:51:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 02:51:29 +0100 Subject: [SEC] [SA46209] TimeLive "FileName" File Disclosure Vulnerability Message-ID: <201110310151.p9V1pTL7006057@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: TimeLive "FileName" File Disclosure Vulnerability SECUNIA ADVISORY ID: SA46209 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46209/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46209 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46209/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46209/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46209 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in TimeLive, which can be exploited by malicious people to disclose sensitive information. Input passed via the "FileName" parameter to Shared/FileDownload.aspx is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary files via directory traversal attacks. The vulnerability is reported in 4.2.1. Other versions may also be affected. SOLUTION: Filter malicious characters and character sequences using a proxy. PROVIDED AND/OR DISCOVERED BY: Nathaniel Carew OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 19:16:36 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 03:16:36 +0100 Subject: [SEC] [SA46145] Cisco IOS MPLS IPv6 and ICMPv6 Packet Processing Two Denial of Service Vulnerabilities Message-ID: <201110310216.p9V2GaAL029018@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco IOS MPLS IPv6 and ICMPv6 Packet Processing Two Denial of Service Vulnerabilities SECUNIA ADVISORY ID: SA46145 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46145/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46145 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46145/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46145/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46145 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). 1) An error when processing IPv6 packets with an expired MPLS TTL can be exploited to cause a crash via specially crafted packets. 2) An error when processing ICMPv6 packets with an expired MPLS TTL can be exploited to cause a crash. Successful exploitation requires the device to be configured for MPLS. Please see the vendor's advisory for a list of affected versions. SOLUTION: Update to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipv6mpls.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 19:50:21 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 03:50:21 +0100 Subject: [SEC] [SA46221] Zope Unspecified Command Execution Vulnerability Message-ID: <201110310250.p9V2oLoh020013@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Zope Unspecified Command Execution Vulnerability SECUNIA ADVISORY ID: SA46221 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46221/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46221 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46221/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46221/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46221 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Zope, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an unspecified error and can be exploited to execute arbitrary commands by sending specially crafted requests to the server. The vulnerability is reported in versions 2.12.x and 2.13.x SOLUTION: Update to version 2.12.20 or 2.13.10 or apply Products.Zope_Hotfix_CVE_2011_3587. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits Alan Hoey. ORIGINAL ADVISORY: http://zope2.zope.org/news/security-vulnerability-announcement-cve-2011-3587 http://plone.org/products/plone/security/advisories/20110928 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 20:28:59 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 04:28:59 +0100 Subject: [SEC] [SA46216] WordPress Popular Posts Plugin "src" Arbitrary File Upload Message-ID: <201110310328.p9V3Sx2k011714@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Popular Posts Plugin "src" Arbitrary File Upload SECUNIA ADVISORY ID: SA46216 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46216/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46216 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46216/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46216/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46216 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in the Popular Posts plugin for WordPress, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "src" parameter in wp-content/plugins/wordpress-popular-posts/scripts/timthumb.php is not properly verified before being used to cache files. This can be exploited to upload and execute arbitrary PHP files. This may be related to vulnerability #1 in: SA45416 The vulnerability is reported in version 2.1.4. Prior versions may also be affected. SOLUTION: Update to version 2.1.5. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Popular Posts: http://wordpress.org/extend/plugins/wordpress-popular-posts/changelog/ http://plugins.trac.wordpress.org/changeset?reponame=&new=444283%40wordpress-popular-posts&old=263557%40wordpress-popular-posts OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 20:52:35 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 04:52:35 +0100 Subject: [SEC] [SA46217] Ubuntu update for firefox and xulrunner Message-ID: <201110310352.p9V3qZaI002162@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Ubuntu update for firefox and xulrunner SECUNIA ADVISORY ID: SA46217 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46217/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46217 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46217/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46217/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46217 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Ubuntu has issued an update for firefox and xulrunner. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46203 SOLUTION: Apply updated packages. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: USN-1210-1: http://www.ubuntu.com/usn/usn-1210-1/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 21:16:00 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 05:16:00 +0100 Subject: [SEC] [SA46231] Cisco IOS IP Service Level Agreement Denial of Service Vulnerability Message-ID: <201110310416.p9V4G0vD025078@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Cisco IOS IP Service Level Agreement Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46231 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46231/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46231 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46231/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46231/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46231 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Cisco IOS, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46206 Please see the vendor's advisory for a list of affected versions. SOLUTION: Upgrade to a fixed version (please see the vendor's advisory for details). PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: http://www.cisco.com/warp/public/707/cisco-sa-20110928-ipsla.shtml OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 21:51:07 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 05:51:07 +0100 Subject: [SEC] [SA46210] Norman Security Suite 220210h IOCTL Handling Vulnerability Message-ID: <201110310451.p9V4p7Hb016139@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Norman Security Suite 220210h IOCTL Handling Vulnerability SECUNIA ADVISORY ID: SA46210 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46210/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46210 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46210/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46210/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46210 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been discovered in Norman Security Suite, which can be exploited by malicious, local users to gain escalated privileges. The vulnerability is caused due to an error in the nprosec.sys driver when processing the 0x00220210 IOCTL and can be exploited to write certain data into arbitrary kernel memory. Successful exploitation allows execution of arbitrary code with SYSTEM privileges. The vulnerability is confirmed in version 8.00. Other versions may also be affected. SOLUTION: Apply updates, fix was released October 3, 2011. PROVIDED AND/OR DISCOVERED BY: J?r?my Brun-Nouvion (Xst3nZ) ORIGINAL ADVISORY: Norman: http://norman.com/support/security_bulletins/privilege_escalation_vulnerability_in_norman_security_suite_32_bits/en OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 22:17:32 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 06:17:32 +0100 Subject: [SEC] [SA46218] Digital College Multiple File Inclusion Vulnerabilities Message-ID: <201110310517.p9V5HWh7006743@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Digital College Multiple File Inclusion Vulnerabilities SECUNIA ADVISORY ID: SA46218 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46218/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46218 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46218/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46218/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46218 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been discovered in Digital College, which can be exploited by malicious people to compromise a vulnerable system. Input passed via the "basepath" parameter to includes/tiny_mce/plugins/imagemanager/config.php, includes/tiny_mce/plugins/filemanager/classes/FileManager/FileSystems/ZipFileImpl.php, includes/tiny_mce/plugins/filemanager/classes/FileManager/FileManagerPlugin.php, includes/tiny_mce/plugins/filemanager/classes/FileSystems/RootFileImpl.php, and includes/tiny_mce/plugins/imagemanager/classes/ImageManager/ImageManagerPlugin.php is not properly verified before being used to include files. This can be exploited to include arbitrary files from local or external resources. Successful exploitation requires that "register_globals" is enabled. The vulnerabilities are confirmed in version 1.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly verified. PROVIDED AND/OR DISCOVERED BY: kurd-team ORIGINAL ADVISORY: http://www.kurdteam.org/cc/viewtopic.php?f=11&t=110 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 22:52:29 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 06:52:29 +0100 Subject: [SEC] [SA46112] Oboinus Shell Command Injection Vulnerability Message-ID: <201110310552.p9V5qTLQ030207@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oboinus Shell Command Injection Vulnerability SECUNIA ADVISORY ID: SA46112 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46112/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46112 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46112/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46112/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46112 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Oboinus, which can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to the application not properly sanitising the filename of images before using them in a "system()" call. This can be exploited to inject and execute arbitrary shell commands by tricking a user into opening an image file with a specially crafted filename. The vulnerability is reported in version 2.1. Prior versions may also be affected. SOLUTION: Update to version 2.2. PROVIDED AND/OR DISCOVERED BY: Reported by the vendor. ORIGINAL ADVISORY: Oboinus: http://code.google.com/p/oboinus/source/detail?r=50# OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Sun Oct 30 23:19:31 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 07:19:31 +0100 Subject: [SEC] [SA46173] Vaadin Multiple Vulnerabilities Message-ID: <201110310619.p9V6JVxS020847@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Vaadin Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46173 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46173/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46173 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46173/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46173/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46173 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Wouter Coekaerts has reported some vulnerabilities in Vaadin, which can be exploited by malicious people to conduct cross-site scripting, script insertion, and cross-site request forgery attacks and disclose potentially sensitive information. 1) Input passed to the "AbstractApplicationServlet.serveStaticResourcesInVAADIN()" function (src/com/vaadin/terminal/gwt/server/AbstractApplicationServlet.java) is not properly verified before being used to serve files. This can be exploited to e.g. download parts of the application or configuration files via directory traversal attacks. 2) Certain separator characters can be injected into the communication protocol, which can be exploited to perform certain actions via HTTP requests by e.g. tricking a logged-in user into visiting a specially crafted web page. Note: This may also be exploited to conduct cross-site scripting attacks. 3) Certain input passed to exceptions is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Input passed to the "src" attribute of various UI components (e.g. "VView", "Embedded", "VMenuBar", "VWindow", "Action", and "VFilterSelect") is not properly sanitised before being used. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in versions prior to 6.6.7. SOLUTION: Update to version 6.6.7. PROVIDED AND/OR DISCOVERED BY: Wouter Coekaerts ORIGINAL ADVISORY: Wouter Coekaerts: http://wouter.coekaerts.be/2011/vaadin-vulnerabilities Vaadin: http://vaadin.com/download/release/6.6/6.6.7/release-notes.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 11:41:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 19:41:41 +0100 Subject: [SEC] [SA46661] Joomla! Vik Real Estate Extension "contract" and "imm" SQL Injection Vulnerabilities Message-ID: <201110311841.p9VIffSX015429@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! Vik Real Estate Extension "contract" and "imm" SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46661 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46661/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46661 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46661/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46661/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46661 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the Vik Real Estate extension for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. 1) Input passed to the "contract" parameter in index.php (when "option" is set to "com_vikrealestate", "action" is set to "results", "search" is set to "gores", and "adibit" and "prov" are set to valid identifiers) is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 2) Input passed to the "imm" parameter in index.php (when "option" is set to "com_vikrealestate", and "act" is set to "show") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. The vulnerabilities are reported in version 1.0. Other versions may also be affected. SOLUTION: Filter malicious characters or character sequences via a proxy. PROVIDED AND/OR DISCOVERED BY: Chris Russell ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18048/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 12:44:39 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 20:44:39 +0100 Subject: [SEC] [SA46658] WordPress ClassiPress Theme "twitter_id" and "facebook_id" Script Insertion Vulnerabilities Message-ID: <201110311944.p9VJidHf007868@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress ClassiPress Theme "twitter_id" and "facebook_id" Script Insertion Vulnerabilities SECUNIA ADVISORY ID: SA46658 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46658/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46658 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46658/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46658/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46658 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in the ClassiPress theme for WordPress, which can be exploited by malicious users to conduct script insertion attacks. Input passed via the "twitter_id" and "facebook_id" parameters to /classipress/profile/ (when "doing_wp_cron" is set) is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. The vulnerabilities are reported in versions 3.0.5.2 and 3.1.4. Other versions may also be affected. SOLUTION: Update to version 3.1.5. PROVIDED AND/OR DISCOVERED BY: Paul Loftness ORIGINAL ADVISORY: AppThemes: http://docs.appthemes.com/classipress/classipress-version-3-1-5/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 13:38:30 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 21:38:30 +0100 Subject: [SEC] [SA46652] Oracle Hyperion Enterprise Performance Management arsqls24.dll Buffer Overflow Vulnerability Message-ID: <201110312038.p9VKcUgr032290@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Oracle Hyperion Enterprise Performance Management arsqls24.dll Buffer Overflow Vulnerability SECUNIA ADVISORY ID: SA46652 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46652/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46652 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46652/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46652/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46652 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: rgod has discovered a vulnerability in Oracle Hyperion Enterprise Performance Management, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to a boundary error within arsqls24.dll when parsing database connection strings. This can be exploited to cause a stack-based buffer overflow by e.g. tricking a user into opening a specially crafted Hyperion Interactive Reporting Studio (.oce) file. Successful exploitation requires that the victim has Hyperion Interactive Reporting installed. The vulnerability is confirmed in version 11.1.2.1.0 ( arsqls24.dll version 6.0.0.60). SOLUTION: Do not open untrusted .oce files. PROVIDED AND/OR DISCOVERED BY: rgod ORIGINAL ADVISORY: http://retrogod.altervista.org/9sg_oracle_oce.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 14:39:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 22:39:50 +0100 Subject: [SEC] [SA46605] net6 Two Weaknesses Message-ID: <201110312139.p9VLdoS2024667@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: net6 Two Weaknesses SECUNIA ADVISORY ID: SA46605 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46605/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46605 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46605/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46605/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46605 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Vasiliy Kulikov has reported two weaknesses in net6, which can be exploited by malicious people to disclose certain information and conduct session hijacking attacks. 1) The library may perform certain actions prior to validating the authentication of a connecting user, which can be exploited to e.g. disclose certain information about already connected users. 2) It's possible to cause an internal ID counter to overflow, which can be exploited to e.g. hijack another user's session. The weaknesses are reported in version 1.3.13. Other versions may also be affected. SOLUTION: Fixed in the GIT repository. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: Vasiliy Kulikov ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/10/30/3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 15:31:27 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 23:31:27 +0100 Subject: [SEC] [SA46698] Gobby Two Weaknesses Message-ID: <201110312231.p9VMVRs1016567@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Gobby Two Weaknesses SECUNIA ADVISORY ID: SA46698 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46698/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46698 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46698/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46698/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46698 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Vasiliy Kulikov has reported two weaknesses in Gobby, which can be exploited by malicious people to disclose certain information and conduct session hijacking attacks. 1) An error in the net6 library can be exploited to e.g. determine whether or not a certain color profile is in use by a connected user. For more information see weakness #1 in: SA46605 2) An error in the net6 library can be exploited to hijack another user's session. For more information see weakness #2 in: SA46605 SOLUTION: Restrict access to trusted hosts only. PROVIDED AND/OR DISCOVERED BY: Vasiliy Kulikov ORIGINAL ADVISORY: http://www.openwall.com/lists/oss-security/2011/10/30/3 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 15:53:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Mon, 31 Oct 2011 23:53:26 +0100 Subject: [SEC] [SA46639] Debian update for radvd Message-ID: <201110312253.p9VMrQcE006936@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for radvd SECUNIA ADVISORY ID: SA46639 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46639/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46639 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46639/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46639/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46639 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for radvd. This fixes a security issue and multiple vulnerabilities, which can be exploited by malicious people to cause a DoS (Denial of Service). For more information: SA46200 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2323-1: http://www.debian.org/security/2011/dsa-2323 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 16:16:58 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 00:16:58 +0100 Subject: [SEC] [SA46677] Novell Messenger Server Process Memory Information Disclosure Vulnerability Message-ID: <201110312316.p9VNGw52029832@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Novell Messenger Server Process Memory Information Disclosure Vulnerability SECUNIA ADVISORY ID: SA46677 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46677/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46677 RELEASE DATE: 2011-10-31 DISCUSS ADVISORY: http://secunia.com/advisories/46677/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46677/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46677 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Novell Messenger, which can be exploited by malicious people to disclose potentially sensitive information. The vulnerability is caused due to an error in the Messenger server process when processing certain commands. This can be exploited to disclose the contents of an arbitrary memory location, which may contain e.g. authentication credentials. The vulnerability is reported in versions prior to 2.2.1. SOLUTION: Update to version 2.2.1. PROVIDED AND/OR DISCOVERED BY: The vendor credits Luigi Auriemma via iDefense. ORIGINAL ADVISORY: http://www.novell.com/support/viewContent.do?externalId=7009634 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 17:00:26 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 01:00:26 +0100 Subject: [SEC] [SA46656] Joomla! HM Community Component Script Insertion and SQL Injection Vulnerabilities Message-ID: <201111010000.pA100QgK021299@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Joomla! HM Community Component Script Insertion and SQL Injection Vulnerabilities SECUNIA ADVISORY ID: SA46656 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46656/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46656 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46656/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46656/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46656 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in the HM Community component for Joomla!, which can be exploited by malicious users to conduct script insertion attacks and by malicious people to conduct SQL injection attacks. 1) Input passed via the "language[]", "university[]", "persent[]", "company_name[]", "designation[]", "music[]", "books[]", "movies[]", "games[]", "syp[]", "ft[]", and "fa[]" parameters to index.php (when "option" is set to "com_hmcommunity", "view" is set to "profile", and "task" is set to "save") is not properly sanitised before being used. This can be exploited to insert arbitrary HTML and script code, which will be executed in a user's browser session in context of an affected site when the malicious data is being viewed. 2) Input passed via the "id" parameter to index.php (when "option" is set to "com_hmcommunity" and "view" is set to "fnd_home") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: 599eme Man ORIGINAL ADVISORY: http://www.exploit-db.com/exploits/18050/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 17:35:33 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 01:35:33 +0100 Subject: [SEC] [SA46681] Openswan Cryptographic Helper Use-After-Free Denial of Service Vulnerability Message-ID: <201111010035.pA10ZX5w012365@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Openswan Cryptographic Helper Use-After-Free Denial of Service Vulnerability SECUNIA ADVISORY ID: SA46681 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46681/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46681 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46681/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46681/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46681 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: A vulnerability has been reported in Openswan, which can be exploited by malicious users to cause a DoS (Denial of Service). The vulnerability is caused due to a use-after-free error related to the crypto helper handler, which can be exploited to crash the IKE daemon by passing specially crafted ISAKMP phase 1 authentication. The vulnerability is reported in versions 2.3.0 through 2.6.36 (configured with nhelpers=0). SOLUTION: Update to version 2.6.37 or apply patch. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ PROVIDED AND/OR DISCOVERED BY: The vendor credits the information security group at ETH Zurich. ORIGINAL ADVISORY: http://www.openswan.org/download/CVE-2011-4073/ OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 18:05:50 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 02:05:50 +0100 Subject: [SEC] [SA46640] Debian update for tor Message-ID: <201111010105.pA115oAB003162@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for tor SECUNIA ADVISORY ID: SA46640 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46640/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46640 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46640/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46640/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46640 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for tor. This fixes a security issue, which can be exploited by malicious people to disclose potentially sensitive information. For more information: SA46634 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2331-1: http://www.debian.org/security/2011/dsa-2331 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 18:28:45 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 02:28:45 +0100 Subject: [SEC] [SA46614] Debian update for python-django Message-ID: <201111010128.pA11Sjof026009@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for python-django SECUNIA ADVISORY ID: SA46614 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46614/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46614 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46614/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46614/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46614 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for python-django. This fixes some vulnerabilities, which can be exploited by malicious people to disclose certain system information, manipulate certain data, conduct cache poisoning attacks, and cause a DoS (Denial of Service). For more information: SA45939 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2332-1: http://www.debian.org/security/2011/dsa-2332 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 18:52:54 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 02:52:54 +0100 Subject: [SEC] [SA46695] SUSE update for java-1_6_0-openjdk Message-ID: <201111010152.pA11qsc4016516@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: SUSE update for java-1_6_0-openjdk SECUNIA ADVISORY ID: SA46695 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46695/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46695 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46695/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46695/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46695 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: SUSE has issued an update for java-1_6_0-openjdk. This fixes multiple vulnerabilities, which can be exploited by malicious users to disclose certain information and by malicious people to disclose potentially sensitive information, hijack a user's session, conduct DNS cache poisoning attacks, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system. For more information: SA46512 SOLUTION: Apply updated packages via the zypper package manager. ORIGINAL ADVISORY: openSUSE-SU-2011:1196-1: http://lists.opensuse.org/opensuse-updates/2011-10/msg00035.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 19:19:09 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 03:19:09 +0100 Subject: [SEC] [SA46671] WordPress Simple Balance Theme "s" Cross-Site Scripting Vulnerability Message-ID: <201111010219.pA12J9es007094@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: WordPress Simple Balance Theme "s" Cross-Site Scripting Vulnerability SECUNIA ADVISORY ID: SA46671 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46671/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46671 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46671/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46671/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46671 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Mr.PaPaRoSSe has discovered a vulnerability in the Simple Balance theme for WordPress, which can be exploited by malicious people to conduct cross-site scripting attacks. Input passed via the "s" parameter to index.php is not properly sanitised in wp-content/themes/simplebalance/search.php before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. The vulnerability is confirmed in version 2.2.1. Other versions may also be affected. SOLUTION: Edit the source code to ensure that input is properly sanitised. PROVIDED AND/OR DISCOVERED BY: Mr.PaPaRoSSe ORIGINAL ADVISORY: http://paparosse.blogspot.com/2011/10/simple-balance-20-cross-site-scripting.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 19:50:05 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 03:50:05 +0100 Subject: [SEC] [SA46687] Fedora update for kernel Message-ID: <201111010250.pA12o5Po030355@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fedora update for kernel SECUNIA ADVISORY ID: SA46687 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46687/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46687 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46687/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46687/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46687 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fedora has issued an update for the kernel. This fixes a vulnerability, which can be exploited by malicious, local users to cause a DoS (Denial of Service). For more information: SA46489 SOLUTION: Apply updated packages via the yum utility ("yum update kernel"). ORIGINAL ADVISORY: FEDORA-2011-14747: http://lists.fedoraproject.org/pipermail/package-announce/2011-October/068684.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 20:28:13 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 04:28:13 +0100 Subject: [SEC] [SA46672] Debian update for phpldapadmin Message-ID: <201111010328.pA13SDRM022025@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Debian update for phpldapadmin SECUNIA ADVISORY ID: SA46672 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46672/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46672 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46672/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46672/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46672 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Debian has issued an update for phpldapadmin. This fixes two vulnerabilities, which can be exploited by malicious people to conduct cross-site scripting attacks and compromise a vulnerable system. For more information: SA46551 SOLUTION: Apply updated packages via the apt-get package manager. ORIGINAL ADVISORY: DSA-2333-1: http://www.debian.org/security/2011/dsa-2333 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 20:50:41 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 04:50:41 +0100 Subject: [SEC] [SA46613] eFront Multiple Vulnerabilities Message-ID: <201111010350.pA13oflo012458@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: eFront Multiple Vulnerabilities SECUNIA ADVISORY ID: SA46613 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46613/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46613 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46613/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46613/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46613 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Multiple vulnerabilities have been reported in eFront, which can be exploited by malicious users to conduct SQL injection attacks and compromise a vulnerable system and by malicious people to bypass certain security restrictions, conduct cross-site scripting and SQL injection attacks, and compromise a vulnerable system. 1) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 2) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 3) Certain unspecified input is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. 4) Input passed via the "HTTP_REFERER" parameter to www/periodic_updater.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 5) Input passed via the "view_unit" parameter to www/js/LMSFunctions.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 6) Input passed via the "sent_notification_id" parameter to www/send_notifications.php is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires that the server is configured to send emails externally. 7) Certain unspecified input is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 8) Input passed via the "surveys_ID" and "screen_survey" parameters to professor.php (when "ctg" is set to "survey") is not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. 9) An error within the authentication mechanism does not properly verify the "cookie_login" cookie value. This can be exploited to bypass the authentication mechanism and gain administrative access to the application. 10) Input passed via the "templateName" POST parameter is not properly verified in www/editor/tiny_mce/plugins/save_template/save_template.php before being used to create files. This can be exploited to create arbitrary files outside of the web root via directory traversal attacks and URL-encoded NULL bytes. 11) The libraries/filesystem.class.php script does not properly verify uploaded files. This can be exploited to execute arbitrary PHP code by uploading a malicious PHP script with a capitalised extension. Successful exploitation requires "Professor" privileges. The vulnerabilities are reported in version 3.6.10 build 11944. Prior versions may also be affected. SOLUTION: Update to version 3.6.10 build 12151 or later. PROVIDED AND/OR DISCOVERED BY: 4-6, 9-11) EgiX 8) Vulnerability Research Laboratory The vendor credits: 1) Canberk Bolat, Mavituna Security 2,7) High-Tech Bridge SA 3) Semyon Perepelitsa ORIGINAL ADVISORY: eFront: http://forum.efrontlearning.net/viewtopic.php?f=15&t=3501 EgiX: http://packetstormsecurity.org/files/106280/efront-shellsqlexec.txt Vulnerability Research Laboratory: http://www.vulnerability-lab.com/get_content.php?id=298 OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 21:15:19 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 05:15:19 +0100 Subject: [SEC] [SA46648] Fujitsu Interstage HTTP Server Two Vulnerabilities Message-ID: <201111010415.pA14FJRe002957@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Fujitsu Interstage HTTP Server Two Vulnerabilities SECUNIA ADVISORY ID: SA46648 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46648/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46648 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46648/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46648/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46648 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Fujitsu has acknowledged two vulnerabilities in Interstage HTTP Server, which can be exploited by malicious people to cause a DoS (Denial of Service) and bypass certain security restrictions. For more information: SA44490 SA46288 Please see the vendor's advisory for the list of affected products. SOLUTION: Apply workaround (please see the vendor's advisory for more information). ORIGINAL ADVISORY: http://www.fujitsu.com/global/support/software/security/products-f/interstage-201104e.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 21:57:25 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 05:57:25 +0100 Subject: [SEC] [SA46192] Red Hat update for firefox Message-ID: <201111010457.pA14vPrH026795@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Red Hat update for firefox SECUNIA ADVISORY ID: SA46192 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46192/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46192 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46192/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46192/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46192 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Red Hat has issued an update for firefox. This fixes multiple vulnerabilities, which can be exploited by malicious people to bypass certain security restrictions and compromise a user's system. For more information: SA46203 SOLUTION: Updated packages are available via Red Hat Network. Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ORIGINAL ADVISORY: RHSA-2011:1341-01: https://rhn.redhat.com/errata/RHSA-2011-1341.html OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 22:32:40 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 06:32:40 +0100 Subject: [SEC] [SA46213] NCSS 2007 Spreadsheet File Processing Array-Indexing Vulnerability Message-ID: <201111010532.pA15WeZM018855@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: NCSS 2007 Spreadsheet File Processing Array-Indexing Vulnerability SECUNIA ADVISORY ID: SA46213 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46213/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46213 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46213/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46213/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46213 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Luigi Auriemma has discovered a vulnerability in NCSS 2007, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an array-indexing error in the VCF132.OCX module when processing certain data and can be exploited to corrupt memory via a specially crafted Spreadsheet file (".s0"). Successful exploitation may allow execution of arbitrary code, but requires tricking a user into opening a malicious file. The vulnerability is confirmed in version 07.1.21. Other versions may also be affected. SOLUTION: Do not open files from untrusted sources. PROVIDED AND/OR DISCOVERED BY: Luigi Auriemma ORIGINAL ADVISORY: http://aluigi.altervista.org/adv/ncss_1-adv.txt OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ---------------------------------------------------------------------- From sec-adv at secunia.com Mon Oct 31 23:01:53 2011 From: sec-adv at secunia.com (Secunia Security Advisories) Date: Tue, 1 Nov 2011 07:01:53 +0100 Subject: [SEC] [SA46172] Perl "decode_xs()" and "File::Glob::bsd_glob()" Vulnerabilities Message-ID: <201111010601.pA161rEi009609@CRON-IX-2.intnet> ---------------------------------------------------------------------- Ovum says ad hoc tools are out-dated. The best practice approach? Fast vulnerability intelligence, threat handling, and setup in one tool. Read the new report on the Secunia VIM: http://secunia.com/products/corporate/vim/ovum_2011_request/ ---------------------------------------------------------------------- TITLE: Perl "decode_xs()" and "File::Glob::bsd_glob()" Vulnerabilities SECUNIA ADVISORY ID: SA46172 VERIFY ADVISORY: Secunia.com http://secunia.com/advisories/46172/ Customer Area (Credentials Required) https://ca.secunia.com/?page=viewadvisory&vuln_id=46172 RELEASE DATE: 2011-11-01 DISCUSS ADVISORY: http://secunia.com/advisories/46172/#comments AVAILABLE ON SITE AND IN CUSTOMER AREA: * Last Update * Popularity * Comments * Criticality Level * Impact * Where * Solution Status * Operating System / Software * CVE Reference(s) http://secunia.com/advisories/46172/ ONLY AVAILABLE IN CUSTOMER AREA: * Authentication Level * Report Reliability * Secunia PoC * Secunia Analysis * Systems Affected * Approve Distribution * Remediation Status * Secunia CVSS Score * CVSS https://ca.secunia.com/?page=viewadvisory&vuln_id=46172 ONLY AVAILABLE WITH SECUNIA CSI AND SECUNIA PSI: * AUTOMATED SCANNING http://secunia.com/vulnerability_scanning/personal/ http://secunia.com/vulnerability_scanning/corporate/wsus_sccm_3rd_third_party_patching/ DESCRIPTION: Two vulnerabilities have been reported in Perl, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system. 1) An error within the "File::Glob::bsd_glob()" function when handling the GLOB_ALTDIRFUNC flag can be exploited to cause an access violation and potentially execute arbitrary code. 2) An error within the "decode_xs()" function in Encode can be exploited to cause a heap-based buffer overflow via specially crafted input. SOLUTION: Update to version 5.14.2. PROVIDED AND/OR DISCOVERED BY: The vendor credits: 1) Cl?ment Lecigne 2) Robert Zacek ORIGINAL ADVISORY: http://cpansearch.perl.org/src/FLORA/perl-5.14.2/pod/perldelta.pod OTHER REFERENCES: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ DEEP LINKS: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED DESCRIPTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXTENDED SOLUTION: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ EXPLOIT: Further details available in Customer Area: http://secunia.com/vulnerability_intelligence/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help private users keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/advisories/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/advisories/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=caos-secbox%40lists.infiscale.org ----------------------------------------------------------------------